Lucene search
K

5 matches found

OSV
OSV
added 2026/06/23 6:18 p.m.3 views

UBUNTU-CVE-2026-52844

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/, but fileserver later resolves the same request path as private\secret.txt on disk. An unauthenticated remote client can bypass Caddy...

7.5CVSS5.9AI score0.00409EPSS
Exploits1References2
OSV
OSV
added 2026/06/23 6:17 p.m.2 views

UBUNTU-CVE-2026-45135

Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos in modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct fla...

8.1CVSS6.5AI score0.00399EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/02/24 4:30 p.m.4 views

CVE-2026-27589

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API default listen 127.0.0.1:2019 exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled enforceorigin not...

8.2CVSS5.2AI score0.00166EPSS
Exploits1
Fedora
Fedora
added 2024/02/19 2:29 a.m.52 views

[SECURITY] Fedora 39 Update: caddy-2.7.6-1.fc39

Caddy is an extensible server platform that uses TLS by default...

7.5CVSS7.3AI score0.01364EPSS
Exploits2
Fedora
Fedora
added 2011/06/10 1:30 p.m.44 views

[SECURITY] Fedora 15 Update: jabberd-2.2.14-1.fc15

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

7.5CVSS2.2AI score0.03659EPSS
Exploits0
Rows per page
Query Builder