CVE-2020-9321

Improper Certificate Validation in go/github.com/traefik/traefik

Identifiers

GHSA-7h6j-2268-fhcm, CVE-2020-9321

Package Slug

go/github.com/traefik/traefik

Vulnerability

Improper Certificate Validation

Description

configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.

Affected Versions

All versions before 2.1.4

Solution

Upgrade to version 2.1.4 or above.

Last Modified

2022-07-24

source