github.com/traefik/traefik/v2 (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/traefik/traefik/v2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (41)
CVE-2026-35051 — CVSS 10.0 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass…
CVE-2026-53622 — CVSS 10.0 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS…
CVE-2026-39858 — CVSS 10.0 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity…
CVE-2026-48020 — CVSS 10.0 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in…
CVE-2026-44774 — CVSS 9.9 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a…
CVE-2024-45410 — CVSS 9.8 (critical): Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as…
CVE-2025-54386 — CVSS 9.8 (critical): Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal…
CVE-2025-47952 — CVSS 9.1 (critical): Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential…
CVE-2025-32431 — CVSS 9.1 (critical): Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a…
CVE-2026-33433 — CVSS 8.8 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when `headerField` is configured…
CVE-2026-54762 — CVSS 8.6 (high): Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's…
CVE-2026-40912 — CVSS 8.2 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity…
CVE-2022-46153 — CVSS 8.1 (high): Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing…
CVE-2026-32695 — CVSS 7.7 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules…
CVE-2023-47633 — CVSS 7.5 (high): Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own…
CVE-2022-39271 — CVSS 7.5 (high): Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential…
CVE-2023-29013 — CVSS 7.5 (high): Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go…
CVE-2019-20894 — CVSS 7.5 (high): Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where…
CVE-2024-28869 — CVSS 7.5 (high): Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the…
CVE-2024-39321 — CVSS 7.5 (high): Traefik is an HTTP reverse proxy and load balancer. Versions prior to 2.11.6, 3.0.4, and 3.1.0-rc3 have a vulnerability that allows…
CVE-2026-25949 — CVSS 7.5 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS…
CVE-2026-26999 — CVSS 7.5 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik…
CVE-2026-29054 — CVSS 7.5 (high): Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a potential…
CVE-2022-23632 — CVSS 7.4 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS)…
CVE-2026-54761 — CVSS 7.1 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's…
CVE-2025-66490 — CVSS 6.5 (medium): Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix…
CVE-2026-29777 — CVSS 6.5 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.10, A tenant with write access to an HTTPRoute resource can inject…
CVE-2026-41174 — CVSS 6.4 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability…
CVE-2024-52003 — CVSS 6.1 (medium): Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the client to…
CVE-2020-15129 — CVSS 6.1 (medium): In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the…
CVE-2026-22045 — CVSS 5.9 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS…
CVE-2025-66491 — CVSS 5.9 (medium): Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the…
CVE-2023-47124 — CVSS 5.9 (medium): Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew…
CVE-2026-41181 — CVSS 5.8 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure…
CVE-2026-32305 — CVSS 5.3 (medium): Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable…
CVE-2023-47106 — CVSS 4.8 (medium): Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik…
CVE-2021-32813 — CVSS 4.8 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's…
CVE-2026-26998 — CVSS 4.4 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik…
CVE-2026-32595 — CVSS 3.7 (low): Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 comtain…
CVE-2026-41263 — CVSS 3.7 (low): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel…
CVE-2022-23469 — CVSS 3.5 (low): Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik…