Количество 3
Количество 3
CVE-2025-47952
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.
CVE-2025-47952
Traefik (pronounced traffic) is an HTTP reverse proxy and load balance ...
GHSA-vrch-868g-9jx5
Traefik allows path traversal using url encoding
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-47952 Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1. | CVSS3: 9.1 | 0% Низкий | 9 месяцев назад |
| CVE-2025-47952 Traefik (pronounced traffic) is an HTTP reverse proxy and load balance ... | CVSS3: 9.1 | 0% Низкий | 9 месяцев назад |
| GHSA-vrch-868g-9jx5 Traefik allows path traversal using url encoding | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу