← Volver a CVEs

CVE-2026-41174

MEDIUM

6.4

Descripcion

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability in Traefik's Kubernetes CRD provider cross-namespace isolation enforcement. When providers.kubernetesCRD.allowCrossNamespace=false, Traefik correctly rejects direct cross-namespace middleware references from IngressRoute objects, but fails to apply the same restriction to middleware references nested inside a Chain middleware's spec.chain.middlewares[]. An actor with permission to create or update Traefik CRDs in their own namespace can exploit this to cause Traefik to resolve and apply middleware objects from another namespace, bypassing the documented isolation boundary. This issue has been patched in versions 2.11.43, 3.6.14, and 3.7.0-rc.2.

Detalles CVE

Puntuacion CVSS v3.16.4

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado4/30/2026

Ultima modificacion5/1/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

traefik:traefik

Debilidades (CWE)

CWE-653CWE-863

Referencias

https://github.com/traefik/traefik/commit/df00d82fc7f12e07199551832b54de6d0e55414d(security-advisories@github.com)

https://github.com/traefik/traefik/releases/tag/v2.11.43(security-advisories@github.com)

https://github.com/traefik/traefik/releases/tag/v3.6.14(security-advisories@github.com)

https://github.com/traefik/traefik/releases/tag/v3.7.0-rc.2(security-advisories@github.com)

https://github.com/traefik/traefik/security/advisories/GHSA-xhjw-95fp-8vgq(security-advisories@github.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.