Traefik Security Vulnerabilities (CVEs)

Track 17 security vulnerabilities affecting Traefik products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

3 Critical
9 High
5 Medium
CVE-2026-29054 7.5

This vulnerability allows remote unauthenticated attackers to bypass Traefik's protection mechanisms and remove critical X-Forwarded headers that iden...

Mar 5, 2026
CVE-2026-26998 4.4

Traefik reverse proxy versions before 2.11.38 and 3.6.9 have a memory exhaustion vulnerability in the ForwardAuth middleware. When configured with For...

Mar 5, 2026
CVE-2026-26999 7.5

This vulnerability allows remote unauthenticated attackers to cause denial of service in Traefik by exploiting a TLS handshake flaw. Attackers can sen...

Mar 5, 2026
CVE-2026-25949 7.5

This vulnerability allows unauthenticated attackers to cause denial of service in Traefik reverse proxy by exploiting a STARTTLS timeout bypass. Attac...

Feb 12, 2026
CVE-2026-22045 5.9

This vulnerability allows unauthenticated attackers to cause denial of service in Traefik reverse proxy by exploiting the ACME TLS-ALPN challenge mech...

Jan 15, 2026
CVE-2025-66491 5.9

Traefik versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the ...

Dec 9, 2025
CVE-2025-66490 6.5

Traefik reverse proxy versions prior to 2.11.32 and 3.6.3 have a path normalization bypass vulnerability. Attackers can use URL-encoded characters to ...

Dec 9, 2025
CVE-2025-54386 9.8

A path traversal vulnerability in Traefik's WASM plugin installation mechanism allows attackers to overwrite arbitrary system files by uploading malic...

Aug 2, 2025
CVE-2025-47952 9.1

This vulnerability in Traefik allows attackers to bypass router path matching rules by using URL-encoded strings in request paths. This could enable a...

May 30, 2025
CVE-2025-32431 9.1

Traefik reverse proxy versions before 2.11.24, 3.3.6, and 3.4.0-rc2 contain a path traversal vulnerability in path-based routing matchers. Attackers c...

Apr 21, 2025
CVE-2024-52003 6.1

This vulnerability in Traefik allows attackers to manipulate the X-Forwarded-Prefix header from untrusted sources, potentially enabling URL redirectio...

Nov 29, 2024
CVE-2024-39321 7.5

This vulnerability allows attackers to bypass IP allow-lists in Traefik reverse proxy by sending HTTP/3 early data requests with spoofed IP addresses ...

Jul 5, 2024
CVE-2023-47633 7.5

Traefik's Docker integration creates an automatic route where Traefik serves as its own backend, causing 100% CPU consumption in a denial-of-service c...

Dec 4, 2023
CVE-2023-44487 7.5

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server res...

Oct 10, 2023
CVE-2023-29013 7.5

A memory allocation vulnerability in Go's HTTP header parsing affects Traefik reverse proxy. Attackers can send specially crafted HTTP headers to caus...

Apr 14, 2023
CVE-2022-23632 7.4

Traefik versions before 2.6.1 incorrectly handle TLS configuration when requests use fully qualified domain names (FQDNs) in the Host header, potentia...

Feb 17, 2022
CVE-2020-9321 7.5

Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 fail to properly purge certificate contents before logging, potentially exposing sensitive TLS certificat...

Mar 16, 2020

Why Monitor Traefik Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 17+ known vulnerabilities affecting Traefik products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Traefik packages in under 60 seconds. No agents required - completely agentless scanning that works across Traefik deployments.

Free vulnerability database: Access detailed information about every Traefik CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register a free account & add your servers
  • Run a one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Traefik CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions