69 matches found
CVE-2026-54764
Summary of CVE-2026-54764 : Traefik’s ForwardAuth middleware can leak spoofed port information due to incorrect header handling when trustForwardHeader is false. Before fixes, the middleware derived X-Forwarded-Port from the original incoming request rather than the sanitized forwarded request, a...
CVE-2026-54764 ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...
CVE-2026-54764
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...
CVE-2026-40594
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
CVE-2026-40594
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
CVE-2026-40594
CVE-2026-40594 affects pyLoad: the set_session_cookie_secure before_request in pyload/webui/app/init .py reads X-Forwarded-Proto without origin validation and mutates the global Flask SESSION_COOKIE_SECURE on every request. With Cheroot’s multi-threaded server (request_queue_size=512), this creat...
GHSA-MP82-FMJ6-F22V pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)
Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...
CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
CVE-2026-33495 Ory Oathkeeper has an authentication bypass by usage of untrusted header
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
Ory Oathkeeper 安全漏洞
Ory Oathkeeper is an access control decision-making software developed by Ory OpenSource. Versions of Ory Oathkeeper prior to 26.2.0 contained security vulnerabilities. These vulnerabilities stemmed from incorrect configuration settings, where the header X-Forwarded-Proto was trusted indefinitely...
CVE-2026-3635
A flaw was found in fastify. When the trustProxy option is configured with a restrictive trust function, such as a specific IP, a subnet, a hop count or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection,...
Astro - Broken Access Control
Astro 2.16.0 to 5.15.5 contains a broken access control caused by insecure use of unsanitized x-forwarded-proto and x-forwarded-port headers in URL building, letting attackers bypass middleware protection, cause DoS, SSRF, and URL pollution, exploit requires crafted headers. id: CVE-2025-64525...
CLEANSTART-2026-AM95501 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11
Multiple security vulnerabilities affect the tomcat10 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability detail...
CLEANSTART-2026-CD66042 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11
Multiple security vulnerabilities affect the tomcat9 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability details...
CLEANSTART-2026-XP03839 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11
Multiple security vulnerabilities affect the tomcat9 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability details...
Server-side Request Forgery (SSRF)
Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the x-forwarded-proto and x-forwarded-port headers due to improper input sanitization when...
EUVD-2018-11829
Malware in sbrugna...
EUVD-2024-0712
Malicious code in bioql PyPI...
ROS-20250828-03
The Apache Tomcat application server vulnerability is due to Apache Tomcat not setting the attribute "Secure" attribute for session cookie JSESSIONID when using RemoteIpFilter with requests, received from a reverse proxy server over HTTP and containing an X-Forwarded-Proto header set to on https...
Oak Server has ReDoS in x-forwarded-proto and x-forwarded-for headers
Summary With specially crafted value of the x-forwarded-proto or x-forwarded-for headers, it's possible to significantly slow down an oak server. Vulnerable Code - https://github.com/oakserver/oak/blob/v17.1.5/request.tsL87 - https://github.com/oakserver/oak/blob/v17.1.5/request.tsL142 PoC - setu...