FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-08-29 03:34:00 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
767dfb2d-3c9e-11ef-a829-5404a68ad561traefik -- Bypassing IP allow-lists via HTTP/3 early data requests

The traefik authors report:

There is a vulnerability in Traefik that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.


Discovery 2024-07-02
Entry 2024-07-07
traefik
< 2.11.6

CVE-2024-39321
https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9
67dd7a9e-3cd8-11f0-b601-5404a68ad561traefik -- Path traversal vulnerability

The traefik project reports:

There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it's possible to target a backend, exposed using another router, by-passing the middlewares chain.


Discovery 2025-05-27
Entry 2025-05-29
traefik
< 3.4.1

CVE-2025-47952
https://nvd.nist.gov/vuln/detail/CVE-2025-47952