traefik-2 | Snyk

Direct Vulnerabilities

Known vulnerabilities in the traefik-2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
C CVE-2026-27143	*
H Access of Resource Using Incompatible Type ('Type Confusion')	*
L Directory Traversal	*
M Link Following	*
H Improper Certificate Validation	*
H Improper Certificate Validation	*
L CVE-2026-32280	*
M Allocation of Resources Without Limits or Throttling	*
H Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
H Incorrect Authorization	*
H Untrusted Search Path	*
L Uncaught Exception	*
L GHSA-46wh-3698-f2cx	*
H Arbitrary Code Injection	*
H Off-by-one Error	*
H Authentication Bypass	*
H Authentication Bypass	*
L Information Exposure	*
M Improper Authentication	*
L Improper Authorization	*
L GHSA-4hjq-9h5c-252j	*
M Arbitrary Code Injection	*
L Directory Traversal	*
L Direct Request ('Forced Browsing')	*
L Improper Certificate Validation	*
L Improper Certificate Validation	*
L Cross-site Scripting (XSS)	*
L Allocation of Resources Without Limits or Throttling	<2.11.38-r0
L Improper Handling of Case Sensitivity	<2.11.38-r0
H CVE-2025-15558	*
L Resource Exhaustion	<2.11.38-r0
L Untrusted Search Path	*
L Resource Exhaustion	*
L GHSA-gv8r-9rw9-9697	<2.11.37-r0
C CVE-2025-68121	<2.11.36-r1
L CVE-2025-61732	<2.11.36-r1
L CVE-2025-22873	<2.11.25-r0
L Out-of-bounds Write	<2.11.35-r1
L CVE-2025-61730	<2.11.35-r1
L CVE-2025-61731	<2.11.35-r1
L Allocation of Resources Without Limits or Throttling	<2.11.35-r1
L Allocation of Resources Without Limits or Throttling	<2.11.35-r1
H Allocation of Resources Without Limits or Throttling	<2.11.35-r0
L Allocation of Resources Without Limits or Throttling	<2.11.32-r0
M CVE-2025-66490	<2.11.32-r0
L Improper Certificate Validation	<2.11.32-r0
L Improper Certificate Validation	<2.11.32-r0
L CVE-2025-58181	<2.11.31-r1
L CVE-2025-47914	<2.11.31-r1
L Information Exposure Through Log Files	<2.11.29-r2
L Algorithmic Complexity	<2.11.30-r0
L Allocation of Resources Without Limits or Throttling	<2.11.29-r2
L Allocation of Resources Without Limits or Throttling	<2.11.29-r2
L CVE-2025-58183	<2.11.29-r2
L CVE-2025-47912	<2.11.29-r2
L CVE-2025-61725	<2.11.29-r2
L CVE-2025-58186	<2.11.29-r2
L Allocation of Resources Without Limits or Throttling	<2.11.29-r2
L Improper Certificate Validation	<2.11.29-r2
L Reachable Assertion	<2.11.29-r2
L Asymmetric Resource Consumption (Amplification)	<2.11.21-r5
L CVE-2025-22870	<2.11.21-r2
L CVE-2024-45336	<2.11.19-r0
L Insufficient Verification of Data Authenticity	<2.11.15-r0
L CVE-2025-22874	<2.11.25-r1
L CVE-2025-4673	<2.11.25-r1
L Race Condition	<2.11.28-r1
L CVE-2024-45341	<2.11.19-r0
M Missing Initialization of Resource	<2.11.29-r0
L CVE-2025-22869	<2.11.21-r2
L Improper Input Validation	<2.11.21-r3
L CVE-2025-47906	<2.11.28-r1
L CVE-2025-22868	<2.11.24-r0
C Directory Traversal	<2.11.25-r0
L CVE-2024-45337	<2.11.16-r0
L Allocation of Resources Without Limits or Throttling	<2.11.21-r1
L CVE-2025-22866	<2.11.20-r1
L CVE-2025-22871	<2.11.22-r1
C Directory Traversal	<2.11.23-r0
L CVE-2025-47910	<2.11.29-r1
L Cleartext Transmission of Sensitive Information	<2.11.28-r1
L CVE-2024-45338	<2.11.17-r0
C Directory Traversal	<2.11.28-r0
L CVE-2025-22872	<2.11.22-r2
L CVE-2025-4674	<2.11.27-r0
L Link Following	<2.11.25-r1

Vulnerability

Vulnerable Version

CVE-2026-27143