Security Notification (Threat: Low) - CVE-2021-32813 - Drop Headers via Malicious Connection Header

There is a potential vulnerability in Traefik's handling of Connection headers, to override headers set in middleware. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse.

Please update to the latest 2.4.13 bug fix release.

See CVE-2021-32813 for more details. If you have any questions or comments, please reply to this thread, or open an issue on github.