CNNVD-202512-1666 Information

Dec 09, 2025 cve

CNNVD ID

CNNVD-202512-1666

CVE-2025-66491

CNNVD Published: 2025-12-09

Description (Chinese)

Traefik是Traefik开源的一款开源的反向代理与负载均衡工具。 Traefik 3.5.0版本至3.6.2版本存在安全漏洞，该漏洞源于TLS验证逻辑反转，可能导致中间人攻击。

Description (English)

Traefik is an open source counter-agent and load balancing tool for Traefik open source. There is a security loophole in Traefik, versions 3.5.0 to 3.6.2, which stems from the reversal of the TLS certification logic and may lead to an attack by an intermediary.

Hazard Level

High

Vulnerability Type

其他

Published

2025-12-09

Last Modified

2026-02-24

References

https://github.com/traefik/traefik/commit/14a1aedf5704673d875d210d7bacf103a43c77e4 https://github.com/traefik/traefik/releases/tag/v3.6.3 https://github.com/traefik/traefik/security/advisories/GHSA-7vww-mvcr-x6vj

Patch

https://traefik.io/

Share on: