Vulnerabilities > Traefik > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-04 | CVE-2023-47106 | Unspecified vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. | 6.5 |
| 2023-12-04 | CVE-2023-47124 | Missing Release of Resource after Effective Lifetime vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. | 5.9 |
| 2022-12-08 | CVE-2022-23469 | Information Exposure Through Log Files vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. | 6.5 |
| 2022-12-08 | CVE-2022-46153 | Improper Certificate Validation vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. | 6.5 |
| 2021-08-03 | CVE-2021-32813 | Improper Control of Dynamically-Managed Code Resources vulnerability in Traefik 1.0 Traefik is an HTTP reverse proxy and load balancer. | 6.8 |
| 2020-07-30 | CVE-2020-15129 | Open Redirect vulnerability in Traefik 1.0 In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. | 4.0 |
| 2020-07-02 | CVE-2019-20894 | Improper Certificate Validation vulnerability in Traefik 2.0.0 Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. | 4.3 |
| 2020-03-16 | CVE-2020-9321 | Improper Certificate Validation vulnerability in Traefik configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging. | 5.0 |
| 2018-08-21 | CVE-2018-15598 | Improper Authentication vulnerability in Traefik Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable. | 5.0 |