Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-45692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree o...

5.4CVSS5.8AI score0.00144EPSS
Exploits1References3
OSV
OSV
added 2026/06/23 6:17 p.m.4 views

DEBIAN-CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

3.8CVSS5.9AI score0.00144EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 6:17 p.m.11 views

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

5.4CVSS0.00144EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/23 5:55 p.m.9 views

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

5.4CVSS5.8AI score0.00144EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/06/23 5:55 p.m.10 views

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

5.4CVSS5.9AI score0.00144EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-41964

Name of the Vulnerable Software and Affected Versions Caddy versions 2.4.0 through 2.11.2 Description An authorization-to-object mismatch exists in the remote admin functionality. The authorization layer uses string prefix matching, while the /config traversal layer parses array indices numerical...

5.4CVSS5.9AI score0.00144EPSS
Exploits1References12
Rows per page
Query Builder