Security Advisory

CVE-2024-21499

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-17 05:00:06

Last updated 2024-08-01 22:20:40

Assigner snyk

State PUBLISHED

Description

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS.

← Browse all CVEs View on cve.org ↗