Lucene search
K

30 matches found

OSV
OSV
added 2026/07/02 4:3 p.m.8 views

GHSA-RGGC-M335-3WVJ OpenClaw: Same-host trusted-proxy deployments could accept local forged identity headers

Summary Same-host trusted-proxy deployments could accept local forged identity headers. In affected versions, a local same-host caller that can reach the proxy-facing Gateway port could supply identity headers normally reserved for the trusted proxy. This advisory is scoped to the named feature a...

7.7CVSS6AI score0.00102EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header befo...

8.1CVSS5.9AI score0.00246EPSS
Exploits1References3
OSV
OSV
added 2026/06/23 6:18 p.m.4 views

DEBIAN-CVE-2026-52845

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS5.9AI score0.00246EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:52 p.m.5 views

CVE-2026-52845

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS5.9AI score0.00246EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/23 5:52 p.m.39 views

CVE-2026-52845 Caddy: FastCGI header normalization bypass in `forward_auth copy_headers`

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS0.00246EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/23 5:52 p.m.3 views

CVE-2026-52845 Caddy: FastCGI header normalization bypass in `forward_auth copy_headers`

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS5.9AI score0.00246EPSS
Exploits1References1
NVD
NVD
added 2026/06/19 2:16 p.m.15 views

CVE-2026-39998

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

8.8CVSS0.00403EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 1:4 p.m.10 views

EUVD-2026-38011

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

5.8CVSS5.8AI score0.00403EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 1:4 p.m.6 views

CVE-2026-39998

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

5.8CVSS5.8AI score0.00403EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50884

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.3 through 3.16.0 Description The openid-connect plugin under default configuration contains an issue where insufficient verification of data authenticity allows an attacker to spoof identity headers. This can lead to...

9.1CVSS5.9AI score0.00213EPSS
Exploits0References7
NVD
NVD
added 2026/06/12 10:16 p.m.18 views

CVE-2026-53832

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.7CVSS0.00102EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 9:30 p.m.11 views

GHSA-4G9M-RFFV-H6WQ Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers

Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...

8.8CVSS5.8AI score0.00361EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/14 9:30 p.m.14 views

Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers

Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...

8.8CVSS5.8AI score0.00361EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/05/14 7:16 p.m.18 views

CVE-2026-8621

Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...

8.8CVSS0.00361EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/14 6:46 p.m.35 views

CVE-2026-8621 Crabbox < v0.12.0 Authentication Bypass via Header Spoofing

Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...

8.8CVSS0.00361EPSS
Exploits0References4
OSV
OSV
added 2026/03/10 6:28 p.m.3 views

GO-2026-4597 traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) in github.com/traefik/traefik

traefik CVE-2024-45410 fix bypass: lowercase Connection tokens can delete traefik-managed forwarded identity headers for example, X-Real-Ip in github.com/traefik/traefik...

7.5CVSS5.8AI score0.00467EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/06 11:38 p.m.4 views

Header Injection

Overview Affected versions of this package are vulnerable to Header Injection in the parseCaddyfile function. An attacker can inject arbitrary values into trusted identity headers by supplying crafted HTTP headers when authenticated with a valid token, leading to unauthorized privilege escalation...

8.8CVSS5.9AI score0.00249EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/06 11:38 p.m.2 views

Header Injection

Overview Affected versions of this package are vulnerable to Header Injection in the parseCaddyfile function. An attacker can inject arbitrary values into trusted identity headers by supplying crafted HTTP headers when authenticated with a valid token, leading to unauthorized privilege escalation...

8.8CVSS5.9AI score0.00249EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.4 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the processing of HTTP/1.1 requests when handling the Connection header with X-Forwarded headers. An attacker can cause the removal of forwarded identity headers by sending requests with lowercas...

9.8CVSS7.3AI score0.01513EPSS
Exploits0References2
OSV
OSV
added 2026/03/05 4:18 p.m.6 views

CVE-2026-29054 Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`)

Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to preve...

7.5CVSS7.1AI score0.00467EPSS
Exploits0References9
Rows per page
Query Builder