Start Free TrialRequest Demo
Products
Traefik ProxyTraefik Hub API GatewayTraefik Hub API ManagementAI GatewayAPI Mocking
Solutions
AI Gateway

New!

Modern API GatewayAPI Mocking

New!

GitOps-Driven API ManagementWeb Application Firewall

New!

Runtime API Governance

New!

Kubernetes IngressDocker Swarm IngressReplace Ingress-NGINX

New!

Traefik & HashiCorpTraefik & Nutanix

New!

Traefik & Oracle

New!

Learn
BlogResource LibraryTraefik AcademySuccess StoriesGlossaryEventsDocsPlugin CatalogForumCommunity
Compare
vs Kong Konnectvs AWS API Gatewayvs Azure APIMvs NGINXvs Solo.io Gloo Gatewayvs Tykvs Graviteevs Envoy Gatewayvs Ambassador Edge Stackvs API7 Enterprisevs Akanavs Zuplo
Pricing
Docs

José Carlos Chávez

Security Software Engineer @ Okta, OWASP Coraza co-leader, and Peruvian llama ambassador.

Security Alert: How Attackers Can Bypass Next.js Middleware With a Single HTTP Header

Security Alert: How Attackers Can Bypass Next.js Middleware With a Single HTTP Header

José Carlos Chávez
·
Security
·
March, 2025

Recently, a critical vulnerability (CVE-2025-29927) was disclosed in the popular Next.js framework, allowing attackers to circumvent middleware execution—including security checks—by leveraging an internal header.

Read more
Why does WAF matter in API security?

Why does WAF matter in API security?

José Carlos Chávez
·
API Management
·
March, 2024

Nowadays, APIs power the internet. We see APIs (Application Programming Interfaces) everywhere: webshops, social networks, mobile apps, government sites and most of the media entertainment is delivered to us over APIs.

Read more

Traefik Labs uses cookies to improve your experience. By continuing to browse the site you are agreeing to our use of cookies. Find out more in the Cookie Policy.