High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-19	CVE-2024-45410	Insufficient Verification of Data Authenticity vulnerability in Traefik Traefik is a golang, Cloud Native Application Proxy. network low complexity traefik CWE-345	7.5
2023-12-04	CVE-2023-47633	Unspecified vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. network low complexity traefik	7.5
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2023-04-14	CVE-2023-29013	Unspecified vulnerability in Traefik Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. network low complexity traefik	7.5
2022-10-11	CVE-2022-39271	Improper Handling of Exceptional Conditions vulnerability in Traefik Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. network low complexity traefik CWE-755	7.5
2022-02-17	CVE-2022-23632	Traefik is an HTTP reverse proxy and load balancer. network low complexity traefik oracle	7.5
2021-08-03	CVE-2021-32813	Improper Control of Dynamically-Managed Code Resources vulnerability in Traefik Traefik is an HTTP reverse proxy and load balancer. network high complexity traefik CWE-913	8.1
2020-07-02	CVE-2019-20894	Improper Certificate Validation vulnerability in Traefik 2.0.0 Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. network low complexity traefik CWE-295	7.5
2020-03-16	CVE-2020-9321	Improper Certificate Validation vulnerability in Traefik configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging. network low complexity traefik CWE-295	7.5
2019-05-29	CVE-2019-12452	Insufficiently Protected Credentials vulnerability in Traefik types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password hashes by reading the Basic HTTP Authentication or Digest HTTP Authentication section, or discover a key by reading the ClientTLS section. network high complexity traefik CWE-522	7.5