GMS-2022-8054: Improper Neutralization

December 8, 2022

There is a potential vulnerability in Traefik displaying the Authorization header in its debug logs. If the log level is set to DEBUG, the credentials provided using the Authorization header are displayed in the debug logs.

References

github.com/advisories/GHSA-h2ph-vhm7-g4hp
github.com/traefik/traefik/pull/9574
github.com/traefik/traefik/releases/tag/v2.9.6
github.com/traefik/traefik/security/advisories/GHSA-h2ph-vhm7-g4hp

Code Behaviors & Features

Detect and mitigate GMS-2022-8054 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →