Vulnerabilities
Vulnerable Software
Security Vulnerabilities
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names, which many backends normalize identically to dashed forms. An attacker able to reach a protected route can inject an underscore-variant header that survives Traefik's stripping and reaches the backend alongside, or on the unauthenticated ForwardAuth authResponseHeaders path instead of, the value Traefik intended to set, spoofing identity or authorization context. This issue is fixed in versions v2.11.51, v3.6.22, and v3.7.6.
CVSS Score
7.8
EPSS Score
0.003
Published
2026-07-06
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of the sanitized forwarded request. As a result, an unauthenticated remote attacker can inject an X-Forwarded-Proto: https header over a plain HTTP connection and cause Traefik to forward X-Forwarded-Port: 443 to the authentication service, bypassing port-based authorization checks. This issue is fixed in versions v2.11.51, v3.6.22, and v3.7.6.
CVSS Score
6.9
EPSS Score
0.003
Published
2026-07-06
Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-07-06
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-07-06


Contact Us

Shodan ® - All rights reserved