CVE-2020-9321: Traefik has an Improper Certificate Handling issue

September 2, 2021 (updated March 6, 2026)

configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.

References

github.com/advisories/GHSA-7h6j-2268-fhcm
github.com/containous/traefik/pull/6281
github.com/containous/traefik/releases/tag/v2.1.4
github.com/traefik/traefik
github.com/traefik/traefik/pull/6281
github.com/traefik/traefik/releases/tag/v2.1.4
nvd.nist.gov/vuln/detail/CVE-2020-9321

Code Behaviors & Features

Detect and mitigate CVE-2020-9321 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →