Improper Request Routing

http-proxy-middleware is vulnerable to improper request routing. The vulnerability is due to unanchored substring matching in the host+path router selector logic, where configured host+path entries are matched against attacker-controlled request metadata using partial string comparisons instead o...

EulerOS Virtualization 2.10.0 : libssh (EulerOS-SA-2026-2054)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious SCP server can send unexpected paths that could make the client application override local files outside of working...

CVE-2026-42273

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

CVE-2026-42273

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

CVE-2026-42273

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

CVE-2026-42273 Heimdall: Case-sensitive host matching may lead to policy bypass

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

CVE-2026-42273

CVE-2026-42273 affects Heimdall (cloud native Identity Aware Proxy and Access Control Decision service). Prior to version 0.17.14, host matching is case-sensitive while HTTP hostnames are case-insensitive, which can cause a request to be classified differently than intended and potentially bypass...

EUVD-2026-28509

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

Heimdall: Case-sensitive host matching may lead to policy bypass

Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

CVE-2026-27588 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...

CVE-2026-27588

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...

CVE-2026-27588

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...

The vulnerabilities of the Go programming language’s packages net/http, x/net/proxy, and x/net/http/httpproxy allow attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the net/http, x/net/proxy, and x/net/http/httpproxy libraries in the Go programming language is related to incorrect matching of hosts with proxy server templates. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of input in proxy host matching [CVE-2025-22870]

Summary IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of input in proxy host matching, caused by improper addressing of an IPv6 zone ID as a hostname component CVE-2025-22870. Proxy host matching is used as part of our speech utilities. This vulnerabilitiy has been...

CVE-2025-22870

A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NOPROXY environment variable. Mitigation Mitigation for this issue is either not available or the currently available...

GO-2025-3503 HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...

pam security update

1.5.1-21.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-21 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880 1.5.1-20 - libpam: support...

PT-2020-8890 · Caddy · Caddy

Name of the Vulnerable Software and Affected Versions: Caddy versions prior to 0.10.13 Description: The issue is related to the mishandling of TLS client authentication. This is caused by the lack of the StrictHostMatching mode, allowing an attacker to bypass TLS client authentication. An attacke...