Mastodon 代码问题漏洞

Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A code issue vulnerability exists in Mastodon versions prior to 4.5.4, prior to 4.4.11, prior to 4.3.17, and prior to 4.2.29, which stems from the lack of an IP address range restriction that could...

PT-2023-31567 · Caddy · Caddy-Geo-Ip

Name of the Vulnerable Software and Affected Versions: caddy-geo-ip versions 0.6.0 and earlier for Caddy 2 Description: The issue allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism, such as the trusted proxy directive in revers...