Lucene search
K

41 matches found

Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-36178

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.43 Traefik versions prior to 3.6.14 Traefik versions prior to 3.7.0-rc.2 Description An authentication bypass exists in the ForwardAuth and snippet-based authentication middleware. The forwarded-header sanitizati...

10CVSS5.8AI score0.00479EPSS
Exploits1References21
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.6 views

PT-2026-36179

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.43 Traefik versions prior to 3.6.14 Traefik versions prior to 3.7.0-rc.2 Description An authentication bypass exists in the StripPrefixRegex middleware when used with ForwardAuth, BasicAuth, or DigestAuth. The...

8.5CVSS5.8AI score0.00767EPSS
Exploits1References20
OSV
OSV
added 2026/04/16 11:36 p.m.3 views

BIT-AUTHENTIK-2026-25748 authentik has a forward authentication bypass with broken cookie

authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious...

8.6CVSS5.5AI score0.00479EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 11:36 p.m.2 views

BIT-APISIX-2026-31908 Apache APISIX: forward auth plugin allows header injection

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

9.1CVSS5.7AI score0.00521EPSS
Exploits1References3
NVD
NVD
added 2026/04/14 9:16 a.m.4 views

CVE-2026-31908

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

9.1CVSS0.00521EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 8:6 a.m.5 views

CVE-2026-31908

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

5.8AI score0.00521EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32601

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

9.1CVSS5.8AI score0.00521EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.7 views

Apache Apisix 安全漏洞

Apache Apisix is a cloud-native microservices API gateway service provided by the Apache Foundation in the United States. This software is implemented based on OpenResty and etcd, featuring dynamic routing and hot loading of plugins. It is suitable for API management within microservice systems...

9.1CVSS5.8AI score0.00521EPSS
Exploits1References3
NVD
NVD
added 2026/03/07 5:15 p.m.5 views

CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS0.00249EPSS
Exploits1References4
OSV
OSV
added 2026/03/07 5:15 p.m.4 views

UBUNTU-CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS5.7AI score0.00249EPSS
Exploits1References6
CVE
CVE
added 2026/03/07 4:28 p.m.12 views

CVE-2026-30851

CVE-2026-30851 (Caddy) affects Caddy server up to version 2.11.2. The issue is in forward_auth copy_headers, which fails to strip client-supplied headers, enabling identity injection and privilege escalation. This vulnerability is grounded in the component/behavior described across multiple sourc...

8.8CVSS5.7AI score0.00249EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/07 4:28 p.m.2 views

CVE-2026-30851 Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.1CVSS5.7AI score0.00249EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/07 4:28 p.m.40 views

CVE-2026-30851 Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.1CVSS0.00249EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/03/07 4:28 p.m.5 views

CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS5.7AI score0.00249EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.10 views

PT-2026-23796

Name of the Vulnerable Software and Affected Versions Caddy versions 2.10.0 through 2.11.1 Description Caddy is a server platform that utilizes TLS by default. A flaw exists in the forward auth functionality where the copy headers option fails to remove headers provided by the client. This can le...

9.9CVSS5.8AI score0.22162EPSS
Exploits69References144
Snyk
Snyk
added 2026/03/05 4:15 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unbounded processing of responses in the ForwardAuth middleware due to the lack of restrictions for maxResponseBodySize configuration. An attacker can cause resource exhaustion...

6.9CVSS5.8AI score0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/12 7:36 p.m.32 views

CVE-2026-25748 authentik has a forward authentication bypass with broken cookie

authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious...

8.6CVSS0.00479EPSS
Exploits0References3
CVE
CVE
added 2026/02/12 7:36 p.m.22 views

CVE-2026-25748

The vulnerability CVE-2026-25748 affects authentik prior to 2025.10.4 and 2025.12.4 in the Proxy Provider when used with Traefik or Caddy as reverse proxy. A malformed cookie could bypass authentication during forward authentication, causing missing authentik headers (X-Authentik-*) and potential...

8.6CVSS5.3AI score0.00479EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/12 7:36 p.m.3 views

CVE-2026-25748 authentik has a forward authentication bypass with broken cookie

authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious...

8.6CVSS5.4AI score0.00479EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 7:36 p.m.2 views

CVE-2026-25748

authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious...

8.6CVSS5.3AI score0.00479EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder