Traefik
Go2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting Traefikpage 1 of 1
- CVE-2026-48491CRITICALCVSS 10.0EG 10.0✓ Fixed in 3.7.32026-06-16
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated client to bypass mutual TLS enforced throu…
- CVE-2026-53622CRITICALCVSS 10.0EG 10.0✓ Fixed in 3.7.32026-06-16
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. Wh…
Check whether Traefik is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for Traefik CVEs against the assets you own.
Start Free Scan →