FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

traefik -- Multiple vulnerabilities

Affected packages
		traefik	<	3.6.12

Details

VuXML ID	09e36f7e-2b5b-11f1-852e-5404a68ad561
Discovery	2026-03-26
Entry	2026-03-29

The traefik project releases a new version addressing multiple CVEs:

CVE-2026-33433 (BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField)

CVE-2026-33186 (authorization bypass via missing leading slash in :path)

[source]

References

CVE Name	CVE-2026-33186
CVE Name	CVE-2026-33433
URL	https://github.com/traefik/traefik/releases/tag/v3.6.12