FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Containous Traefik -- exposes the configuration and secret

Affected packages
traefik < 1.6.6

Details

VuXML ID fe818607-b5ff-11e8-856b-485b3931c969
Discovery 2018-08-20
Entry 2018-09-11

MITRE reports:

Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.

References

CVE Name CVE-2018-15598
URL https://github.com/containous/traefik/pull/3790
URL https://github.com/containous/traefik/releases/tag/v1.6.6