@funkyfae.bsky.social
Reposted
A popular reverse proxy and ingress controller shipped misconfigured versions for the past five months.
The Traefik setting that enabled TLS verification was actually disabling it across the board.
aisle.com/blog/cve-202...
The Traefik setting that enabled TLS verification was actually disabling it across the board.
aisle.com/blog/cve-202...
CVE-2025-66491: Traefik's "Verify=On" Turned TLS Off
Learn how CVE-2025-66491 exposed a critical TLS verification flaw in Traefik, where "Verify=On" accidentally disabled security for 5 months.
aisle.com
December 11, 2025 at 12:04 PM
A popular reverse proxy and ingress controller shipped misconfigured versions for the past five months.
The Traefik setting that enabled TLS verification was actually disabling it across the board.
aisle.com/blog/cve-202...
The Traefik setting that enabled TLS verification was actually disabling it across the board.
aisle.com/blog/cve-202...
Reposted
