Publish Advisories

GHSA-h924-8g65-j9wg
GHSA-6p68-w45g-48j7
GHSA-vrch-868g-9jx5

Author: advisory-database[bot]

advisories/github-reviewed/2024/12/GHSA-h924-8g65-j9wg/GHSA-h924-8g65-j9wg.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h924-8g65-j9wg",
-  "modified": "2024-12-02T22:04:59Z",
+  "modified": "2025-11-27T08:05:26Z",
   "published": "2024-12-02T17:12:38Z",
   "aliases": [
     "CVE-2024-52003"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
     }
   ],
   "affected": [

advisories/github-reviewed/2025/04/GHSA-6p68-w45g-48j7/GHSA-6p68-w45g-48j7.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6p68-w45g-48j7",
-  "modified": "2025-04-25T14:41:49Z",
+  "modified": "2025-11-27T08:03:31Z",
   "published": "2025-04-21T16:17:38Z",
   "aliases": [
     "CVE-2025-32431"
   ],
-  "summary": "Traefik has a possible vulnerability with the path matchers",
+  "summary": "Traefik has a possible vulnerability with its path matchers",
   "details": "## Impact\n\nThere is a potential vulnerability in Traefik managing the requests using a `PathPrefix`, `Path` or `PathRegex` matcher.\n\nWhen Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a `/../` in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain.\n\n## Example\n\n```yaml\napiVersion: traefik.io/v1alpha1\nkind: IngressRoute\nmetadata:\n  name: my-service\nspec:\n  routes:\n    - match: PathPrefix(‘/service’)\n      kind: Rule\n      services:\n        - name: service-a\n          port: 8080\n      middlewares:\n        - name: my-middleware-a\n    - match: PathPrefix(‘/service/sub-path’)\n      kind: Rule\n      services:\n        - name: service-a\n          port: 8080\n```\n\nIn such a case, the request `http://mydomain.example.com/service/sub-path/../other-path` will reach the backend `my-service-a` without operating the middleware `my-middleware-a` unless the computed path is `http://mydomain.example.com/service/other-path` and should be computes by the first router (operating `my-middleware-a`).\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.24\n- https://github.com/traefik/traefik/releases/tag/v3.3.6\n- https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2\n\n## Workaround\n\nAdd a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.\n\nExample: \n\n```yaml\nmatch: PathPrefix(`/service`) && !PathRegexp(`(?:(/\\.\\./)+.*)`)\n```\n\n## For more information\n\nIf you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).",
   "severity": [
     {

advisories/github-reviewed/2025/05/GHSA-vrch-868g-9jx5/GHSA-vrch-868g-9jx5.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vrch-868g-9jx5",
-  "modified": "2025-05-30T15:17:40Z",
+  "modified": "2025-11-27T08:04:33Z",
   "published": "2025-05-28T14:25:09Z",
   "aliases": [
     "CVE-2025-47952"
@@ -54,10 +54,7 @@
             }
           ]
         }
-      ],
-      "database_specific": {
-        "last_known_affected_version_range": "<= 2.11.24"
-      }
+      ]
     },
     {
       "package": {