Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/23 5:52 p.m.40 views

CVE-2026-52845 Caddy: FastCGI header normalization bypass in `forward_auth copy_headers`

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS0.00246EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 6:28 p.m.11 views

GO-2026-4639 Caddy forward_auth copy_headers allows Identity Injection and Privilege Escalation in github.com/caddyserver/caddy

Caddy forwardauth copyheaders Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation in github.com/caddyserver/caddy...

8.8CVSS5.8AI score0.00249EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/03/07 5:15 p.m.4 views

CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS7AI score0.00249EPSS
Exploits1References5
OSV
OSV
added 2026/03/06 11:38 p.m.3 views

GHSA-7R4P-VJF4-GXV4 Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Summary Caddy's forwardauth directive with copyheaders generates conditional header-set operations that only fire when the upstream auth service includes the named header in its response. No delete or remove operation is generated for the original client-supplied request header with the same name...

8.1CVSS5.9AI score0.00249EPSS
Exploits1References6
Rows per page
Query Builder