<Vulnerability name="CVE-2026-39858">
    <DocumentDistribution xml:lang="en">Copyright © 2012 Red Hat, Inc. All rights reserved.</DocumentDistribution>
    <ThreatSeverity>Important</ThreatSeverity>
    <PublicDate>2026-04-30T20:26:26</PublicDate>
    <Bugzilla id="2464234" url="https://bugzilla.redhat.com/show_bug.cgi?id=2464234" xml:lang="en:us">
traefik: Traefik: Authentication bypass via unsanitized alias headers
    </Bugzilla>
    <CVSS3 status="draft">
        <CVSS3BaseScore>8.2</CVSS3BaseScore>
        <CVSS3ScoringVector>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N</CVSS3ScoringVector>
    </CVSS3>
    <CWE>CWE-289</CWE>
    <Details xml:lang="en:us" source="Red Hat">
A flaw was found in Traefik. A remote attacker can bypass authentication by injecting a spoofed trust context through unsanitized alias headers. The cause is that Traefik's forwarded-header sanitization logic does not properly handle alias header names that use underscores instead of dashes, so such headers pass through unsanitized. As a result, an attacker can reach protected routes without valid credentials.
    </Details>
    <Mitigation xml:lang="en:us">
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
    </Mitigation>
    <PackageState cpe="cpe:/a:redhat:openshift_devspaces:3">
        <ProductName>Red Hat OpenShift Dev Spaces</ProductName>
        <FixState>Affected</FixState>
        <PackageName>devspaces/traefik-rhel9</PackageName>
    </PackageState>
    <References xml:lang="en:us">
https://www.cve.org/CVERecord?id=CVE-2026-39858
https://nvd.nist.gov/vuln/detail/CVE-2026-39858
https://github.com/traefik/traefik/releases/tag/v2.11.43
https://github.com/traefik/traefik/releases/tag/v3.6.14
https://github.com/traefik/traefik/releases/tag/v3.7.0-rc.2
https://github.com/traefik/traefik/security/advisories/GHSA-5m6w-wvh7-57vm
    </References>
</Vulnerability>