configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.
References
Link | Resource |
---|---|
https://github.com/containous/traefik/pull/6281 | Patch Third Party Advisory |
https://github.com/containous/traefik/releases/tag/v2.1.4 | Release Notes |
Configurations
Configuration 1 (hide)
|
History
28 Jul 2021, 00:44
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:containous:traefik:*:*:*:*:*:*:*:* |
cpe:2.3:a:traefik:traefik:2.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:* |
Information
Published : 2020-03-16 19:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-9321
Mitre link : CVE-2020-9321
CVE.ORG link : CVE-2020-9321
JSON object : View
Products Affected
traefik
- traefik
CWE
CWE-295
Improper Certificate Validation