A medium-severity vulnerability in Traefik's Kubernetes Gateway API provider allows HTTPRoute creation permissions to be abused for unauthorized dynamic configuration access. The flaw permits routing to rest@internal despite providers.rest.insecure=false, enabling live reconfiguration of routers and services in shared Gateway deployments.
Traefik's errors middleware inadvertently forwards complete request headers—including sensitive authentication material—to external error page services, contrary to the documentation, which states that only Host is forwarded by default. This information disclosure occurs when backends return responses matching the configured status ranges, exposing credentials across unintended service boundaries. The vulnerability affects [truncated]