Lucene search
K

4 matches found

NVD
NVD
added 2024/02/17 5:15 a.m.13 views

CVE-2024-21499

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS...

4.3CVSS4.8AI score0.00499EPSS
Exploits0References3
Prion
Prion
added 2024/02/17 5:15 a.m.17 views

Design/Logic Flaw

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS...

4.3CVSS7.5AI score0.00499EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/17 5:0 a.m.22 views

CVE-2024-21499

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS...

4.3CVSS5.2AI score0.00499EPSS
Exploits0References3
Amazon
Amazon
added 2024/01/22 12:0 a.m.8 views

Medium: vsftpd

Issue Overview: ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can...

7.4CVSS7AI score0.02037EPSS
Exploits0
Rows per page
Query Builder