VDB

GO-2026-4893

GO-2026-4893 PUBLISHED

Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik

Affected Products

VendorProductVersions
github.comtraefik/traefik0, 0
github.comtraefik/traefik/v20, 0
github.comtraefik/traefik/v33.0.0-beta1, 3.7.0-ea.1, 3.0.0-beta1

Timeline

  • Apr 2, 2026 CVE Published
  • Apr 7, 2026 CVE Updated
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›