Security Advisory

CVE-2024-21493

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-17 05:00:08
Last updated 2024-08-01 22:20:40
Assigner snyk
State PUBLISHED

Description

All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead to a panic (index out of range). Panics during the parsing of a configuration file may introduce ambiguity and vulnerabilities, hindering the correct interpretation and configuration of the web server.