目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

Traefik 厂商漏洞列表 / CVE 中文分析 44

Traefik 厂商相关 44 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Traefik 是一款开源边缘路由器,专为微服务架构设计,提供动态配置与负载均衡功能。其历史漏洞多涉及拒绝服务、路径遍历及配置解析缺陷,部分严重问题曾导致远程代码执行风险。尽管项目持续迭代以修复安全缺陷,但作为流量入口,其配置复杂性易引发误用。鉴于已收录 33 条 CVE,部署时需严格遵循最小权限原则,并定期更新版本以应对潜在威胁,确保服务稳定性与安全性。

上位製品 Traefik: traefik
CVE IDタイトルCVSS深刻度公開日
CVE-2025-32431 Traefik has a possible vulnerability with the path matchers — traefikCWE-22 5.9 -2025-04-21
CVE-2024-52003 X-Forwarded-Prefix Header still allows for Open Redirect in traefik — traefikCWE-601 5.3 -2024-11-29
CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik — traefikCWE-345 9.8 Critical2024-09-19
CVE-2024-39321 Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes — traefikCWE-639 7.5 High2024-07-05
CVE-2024-28869 Possible denial of service vulnerability with Content-length header in Traefik — traefikCWE-755 7.5 High2024-04-12
CVE-2023-47633 Uncontrolled Resource Consumption in Traefik — traefikCWE-400 7.5 High2023-12-04
CVE-2023-47106 Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik — traefikCWE-20 4.8 Medium2023-12-04
CVE-2023-47124 Denial of service whith ACME HTTPChallenge in Traefik — traefikCWE-772 5.9 Medium2023-12-04
CVE-2023-29013 HTTP header parsing could cause a deny of service — traefikCWE-400 7.5 High2023-04-14
CVE-2022-46153 Routes exposed with an empty TLSOption in traefik — traefikCWE-295 8.1 High2022-12-08
CVE-2022-23469 Authorization header displayed in the debug logs — traefikCWE-200 3.5 Low2022-12-08
CVE-2022-39271 Traefik HTTP/2 connections management could cause a denial of service — traefikCWE-400 7.5 High2022-10-11
CVE-2022-23632 Traefik skips the router TLS configuration when the host header is an FQDN — traefikCWE-295 7.4 High2022-02-17
CVE-2021-32813 Drop Headers via Malicious Connection Header — traefikCWE-913 4.8 Medium2021-08-03

本页汇总了 Traefik 厂商截至目前公开的全部 44 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。