
16 matches found

Snyk
added 2026/04/17 6:31 a.m. | 2 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the ValidateHTTP01Challenge and ValidateTLSALPN01Challenge validation paths in builtin/logical/pki/acmechallenges.go. An attacker can make the ACME validator connect to loopback, link-local,...

8.6 CVSS | 5.7 AI score | 0.00021 EPSS
Exploits: 0 | References: 2

OSV
added 2026/04/10 8:18 p.m. | 3 views

GHSA-9QQ8-CGCV-QMC9 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Summary: An attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key (AK) certificate with an empty Extended Key Usage (EKU) extension during TPM device attestation. Details: When processing a device-attest-01 ACME challenge using TPM attestation, Step CA...

3.7 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits: 0 | References: 6

NVD
added 2026/04/10 5:17 p.m. | 4 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key (AK) certificate with an empty Extended Key Usage (EKU) extension...

3.7 CVSS | 0.00052 EPSS
Exploits: 0 | References: 4

ATTACKERKB
added 2026/04/10 4:34 p.m. | 3 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key (AK) certificate with an empty Extended Key Usage (EKU) extension...

3.7 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Cvelist
added 2026/04/10 4:34 p.m. | 28 views

CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key (AK) certificate with an empty Extended Key Usage (EKU) extension...

3.7 CVSS | 0.00052 EPSS
Exploits: 0 | References: 4

Positive Technologies
added 2026/04/10 12:0 a.m. | 1 views

PT-2026-31991

Name of the Vulnerable Software and Affected Versions: Step CA versions 0.24.0 through 0.30.0-rc3 Description: An attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key (AK) certificate with an empty Extended Key Usage (EKU) extension during TPM device...

3.7 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits: 0 | References: 10

OSV
added 2026/01/15 10:58 p.m. | 2 views

GHSA-CWJM-3F7H-9HWQ Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall

Impact: There is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up goroutines and file descriptors indefinitely when the ACME TLS challenge is enabled. A malicious client can open many...

5.9 CVSS | 6.9 AI score | 0.00021 EPSS
Exploits: 0 | References: 6

Veracode
added 2024/02/26 5:53 a.m. | 18 views

Arbitrary File Read

Appwrite is vulnerable to Directory Traversal. The vulnerability is due to insufficient validation of user-supplied input when creating an ACME challenge file, allowing an attacker to manipulate the request URI to access arbitrary files. The vulnerability is only exploitable if the...

7.5 CVSS | 6.8 AI score | 0.00139 EPSS
Exploits: 1 | References: 6 | Affected Software: 1

Github Security Blog
added 2024/02/23 12:30 a.m. | 19 views

Appwrite Directory Traversal vulnerability

The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...

7.5 CVSS | 7 AI score | 0.00139 EPSS
Exploits: 1 | References: 7 | Affected Software: 1

ATTACKERKB
added 2024/02/22 10:15 p.m. | 3 views

CVE-2022-25377

The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...

7.5 CVSS | 7.2 AI score | 0.00139 EPSS
Exploits: 1 | References: 5

Prion
added 2024/02/22 10:15 p.m. | 17 views

Directory traversal

The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...

7.3 AI score | 0.00139 EPSS
Exploits: 1 | References: 4

CNNVD
added 2024/02/22 12:0 a.m. | 1 views

Appwrite Security Vulnerabilities

Appwrite is an open source end-to-end backend server, packaged as a set of Docker microservices for web, mobile, native or backend applications. A security vulnerability exists in Appwrite versions 0.5.0 through 0.12.2, which stems from an ACME-challenge endpoint that allows...

7.5 CVSS | 6.6 AI score | 0.00139 EPSS
Exploits: 1 | References: 5

Positive Technologies
added 2024/02/22 12:0 a.m. | 4 views

PT-2024-11533 · Appwrite · Appwrite

Name of the Vulnerable Software and Affected Versions: Appwrite versions 0.5.0 through 0.12.x before 0.12.2 Description: The issue allows remote attackers to read arbitrary local files via ../ directory traversal in the "ACME-challenge" endpoint. This vulnerability requires the existence of APP...

8.2 CVSS | 6.9 AI score | 0.00139 EPSS
Exploits: 1 | References: 12

Cvelist
added 2024/02/22 12:0 a.m. | 16 views

CVE-2022-25377

The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...

6.7 AI score | 0.00139 EPSS
Exploits: 1 | References: 4

CVE
added 2024/02/22 12:0 a.m. | 3847 views

CVE-2022-25377

Summary: Multiple sources (Red Hat, Veracode, OSV, GHSA, NVD mirrors) confirm a directory-traversal flaw in Appwrite’s ACME-challenge endpoint. Affected versions: Appwrite 0.5.0 through 0.12.x before 0.12.2. The vulnerability requires the path APP_STORAGE_CERTIFICATES/.well-known/acme-challenge...

7.5 CVSS | 6.6 AI score | 0.00139 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2024/02/22 12:0 a.m. | 20 views

CVE-2022-25377

The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...

6.8 AI score | 0.00139 EPSS
Exploits: 1 | References: 4