7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.9%
Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo’s origin.
github.com/cactus/go-camo/blob/505862f7bf14c8b6ff945734d5f3fdcd929e45dd/pkg/camo/proxy.go#L453-L460
github.com/cactus/go-camo/security/advisories/GHSA-jg2r-qf99-4wvr