Improper Certificate Purging in Traefik 2.x and TraefikEE 2.0.0

Improper Certificate Purging in Traefik 2.x and TraefikEE 2.0.0

CVE-2020-9321 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.

Learn more about our Web Application Penetration Testing UK.