Lucene search
K
GithubRecent

33225 matches found

Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.10 views

Spring Boot's Cassandra SSL auto-configuration disables TLS hostname verification

Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16, 3.3.0–3.3.18 fix 3.3.19, 2.7.0–2.7.32 fix 2.7.33; Cassandra SSL...

9.8CVSS5.8AI score0.00182EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.8 views

Spring Boot's PID file write follows symlinks at predictable default path

When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...

6.7CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.9 views

Spring Boot's default security filter chain has no authorization rule with Actuator but without Health

In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.8 views

Spring Boot DevTools remote secret comparison is vulnerable to timing attacks

An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...

7.5CVSS6.4AI score0.00262EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.9 views

mkdocs-mcp-plugin has a Path Traversal issue

A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function readdocument/listdocuments of the file server.py. Performing a manipulation of the argument docsdir/filepath results in path traversal. The attack is possible to be carried out remotely. The exploit has...

7.5CVSS6.7AI score0.00426EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.10 views

Spring Boot's RabbitMQ auto-configuration doesn't perform hostname verification when connecting to the RabbitMQ broker

When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...

9.1CVSS5.8AI score0.00157EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.9 views

mcp-url-downloader has a Server-Side Request Forgery issue

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...

7.5CVSS6.7AI score0.00294EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.13 views

Pimcore has an authenticated Cross-site Scripting issue

An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered. This issue affects pimcore: v12.3.3...

5.4CVSS5.9AI score0.00194EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.8 views

kaggle-mcp has a Path Traversal issue

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...

7.5CVSS6.7AI score0.00411EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.12 views

Duplicate Advisory: Pimcore admin users can trigger SQL Injection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r2f4-ff2p-xc64. This link is maintained to preserve external references. Original Description An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controll...

7CVSS5.9AI score0.00346EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.8 views

auto-favicon has a Server-Side Request Forgery issue

A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generatefaviconfromurl of the file src/autofavicon/server.py of the component MCP Tool. The manipulation of the argument imageurl results in server-side request forgery...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:31 p.m.9 views

Spring Boot's Elasticsearch auto-configuration doesn't perform hostname verification when connecting to the Elasticsearch server.

When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server. Affected: Spring Boot 4.0.0–4.0.5; upgrade to 4.0.6 or later per vendor advisory...

6.8CVSS5.8AI score0.00136EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 6:32 p.m.9 views

vLLM makes Use of Uninitialized Resource

A vulnerability was found in vLLM up to 0.19.0. The affected element is the function hasmambalayers of the file vllm/v1/kvcacheinterface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is...

6.3CVSS5.5AI score0.00288EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 6:32 p.m.8 views

Wooey has an Incorrect Privilege Assignment issue

A vulnerability was determined in Wooey up to 0.13.2. The impacted element is the function addorupdatescript of the file wooey/api/scripts.py of the component API Endpoint. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has...

6.5CVSS6.2AI score0.00214EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 3:30 p.m.14 views

pip Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

5.3CVSS5.8AI score0.00138EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 3:30 p.m.8 views

Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

4.8CVSS5.8AI score0.00193EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 3:30 p.m.9 views

Apache Storm's Improper Handling of TLS Client Authentication Failure Leads to Anonymous Principal Assignment

Improper Handling of TLS Client Authentication Failure Leading to Anonymous Principal Assignment in Apache Storm Versions Affected: up to 2.8.7 Description: When TLS transport is enabled in Apache Storm without requiring client certificate authentication the default configuration, the...

6.5CVSS5.7AI score0.00286EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.8 views

Apache Camel-Infinispan Component Vulnerable to Deserialization of Untrusted Data

The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a...

8.8CVSS6.4AI score0.00711EPSS
Exploits2References17Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.22 views

Apache MINA Vulnerable to Deserialization of Untrusted Data (CVE-2024-52046 Incomplete Fix)

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been executed. Affected versions are Apache MINA 2.0.0 =...

10CVSS7.3AI score0.23932EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.12 views

Apache camel-coap allows header injection that can lead to remote code execution

Apache Camel's camel-coap component is vulnerable to header injection because it maps CoAP request URI query parameters directly into Camel message headers without applying a HeaderFilterStrategy. An unauthenticated attacker can send a crafted CoAP request to inject arbitrary Camel internal heade...

10CVSS6AI score0.06157EPSS
Exploits2References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.11 views

Apache Camel-Consul component vulnerable to Deserialization of Untrusted Data

The ConsulRegistry in the camel-consul component class org.apache.camel.component.consul.ConsulRegistry and its inner ConsulRegistryUtils.deserialize method read Java-serialized values from the Consul KV store and passed them to ObjectInputStream.readObject without configuring an ObjectInputFilte...

8.8CVSS6.3AI score0.00667EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.12 views

Apache Camel Vulnerable to Authentication Bypass Using an Alternate Path or Channel

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

8.2CVSS5.8AI score0.00622EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.8 views

Apache Camel's Camel-Mail component is vulnerable to Camel message header injection

The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component MailHeaderFilterStrategy only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a...

9.4CVSS7.2AI score0.00621EPSS
Exploits1References17Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.14 views

Apache MINA vulnerable to Deserialization of Untrusted Data

Apache MINA's AbstractIoBuffer.resolveClass contains two branches, one of them for static classes or primitive types does not check the class at all, bypassing the classname allowlist and allowing arbitrary code to be executed. The fix checks if the class is present in the accepted class...

9.8CVSS6AI score0.0064EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.9 views

Camel-MINA Vulnerable to Deserialization of Untrusted Data

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

8.8CVSS6.3AI score0.00926EPSS
Exploits2References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.15 views

Apache Camel has an incomplete fix for CVE-2025-27636

The fix for CVE-2025-27636 added setLowerCasetrue to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCasetrue call was not applied to five non-HTTP HeaderFilterStrategy...

9.9CVSS7.7AI score0.79817EPSS
Exploits4References10Affected Software4
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.10 views

Camel-PQC Vulnerable to Deserialization of Untrusted Data

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

7.8CVSS6.4AI score0.00342EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 a.m.8 views

Dynamic-Datasource has an Injection vulnerability

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

6.5CVSS6.3AI score0.00237EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/26 6:31 a.m.14 views

Ollama is Vulnerable to Path Traversal

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...

6.3CVSS5.4AI score0.00908EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:51 p.m.47 views

OpenClaw: Agent gateway config mutations could change protected operator settings

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The agent-facing gateway config.patch / config.apply guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook...

5.4AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:50 p.m.11 views

OpenClaw: Bundled MCP/LSP tools could bypass configured tool policy

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Bundled MCP and LSP tools could be appended to the agent's effective tool set after the normal tool-policy pipeline had already filtered core tools. If an operator configured a...

5.4AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:50 p.m.10 views

OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests

Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.5, 2026.4.20 - Patched version: 2026.4.20 Impact A malicious workspace .env could set MINIMAXAPIHOST and redirect credentialed MiniMax requests to an attacker-controlled origin, exposing the MiniMax API key in the...

5CVSS5.2AI score0.00119EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:49 p.m.12 views

OpenClaw: Browser CDP profile creation skipped strict-mode SSRF checks

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Browser profile creation normalized cdpUrl values before persisting them, but did not apply the configured browser SSRF policy at creation time. In deployments that explicitly...

5.2AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:49 p.m.12 views

OpenClaw: Paired-device pairing actions were not limited to the caller device

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact A paired device session with limited pairing scope could enumerate global pairing state and act on pairing requests that belonged to another device within the same gateway scope...

5.4AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:48 p.m.13 views

OpenClaw: QQBot direct media upload skipped URL SSRF validation

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The QQBot direct-upload media path could forward attacker-controlled image URLs without applying the SSRF validation used by the local download path. This could make configured...

6.3CVSS5.5AI score0.00236EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:48 p.m.14 views

OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Workspace MCP stdio configuration could pass dangerous process-startup environment variables such as NODEOPTIONS, LDPRELOAD, or BASHENV to the spawned MCP server process. In a...

7.3CVSS5.4AI score0.00136EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:47 p.m.11 views

OpenClaw: Isolated cron awareness events were recorded as trusted system events

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Output from webhook-triggered isolated cron agent runs could be queued into the main session awareness stream without trusted: false. That made the event render as a trusted...

6.3CVSS5.2AI score0.00151EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:47 p.m.10 views

OpenClaw: Workspace dotenv could override runtime-control environment variables

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Workspace .env loading did not reserve the OPENCLAW runtime-control namespace broadly enough. A malicious workspace could set variables such as OPENCLAWGITDIR before source-upda...

8.5CVSS5.2AI score0.00129EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:46 p.m.9 views

OpenClaw: Feishu card actions could misclassify DMs and skip dmPolicy

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Feishu card-action callbacks could synthesize a message event with DM conversations classified as group conversations. That skipped dmPolicy enforcement for card actions, so a...

5.3AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:45 p.m.12 views

OpenClaw: Assistant media route missed scope enforcement for trusted-proxy authorization

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The Control UI assistant-media route authenticated trusted-proxy callers but did not enforce the declared operator scopes for identity-bearing HTTP auth paths. A trusted-proxy...

6.5CVSS5.3AI score0.00222EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:45 p.m.9 views

OpenClaw: Hook mapping templates could bypass hook session-key opt-in

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Templated hook mapping sessionKey values were treated differently from request-supplied session keys. A hook mapping could render an externally influenced session key even when...

6.3CVSS5.5AI score0.00279EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:42 p.m.19 views

GitPython has Command Injection via Git options bypass

Summary GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an application passes attacker-controlled kwargs into Repo.clonefrom, Remote.fetch, Remote.pull, or Remote.push, th...

8.8CVSS6.2AI score0.00719EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:41 p.m.9 views

GitPython: Unsafe option check validates multi_options before shlex.split transformation

Summary clone validates multioptions as the original list, then executes shlex.split" ".joinmultioptions. A string like "--branch main --config core.hooksPath=/x" passes validation starts with --branch, but after split becomes "--branch", "main", "--config", "core.hooksPath=/x". Git applies the...

9.8CVSS5.6AI score0.00571EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:40 p.m.22 views

Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Summary After a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note ID or the slug path retain access. GORM's soft-delete scope does not...

5.3CVSS5.8AI score0.00194EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:40 p.m.12 views

Note Mark: OIDC-registered users authenticated by submitting password "null"

Summary IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt"null" placeholder whenever a user has no stored password. OIDC-registered users are created with an empty password, so anyone who submits password: "null" to the internal login endpoint receives a valid session for...

9.4CVSS5.4AI score0.00296EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:39 p.m.18 views

Cillium exposes sensitive information included in the cilium-bugtool debug archive

Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...

7.9CVSS5.5AI score0.00077EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:35 p.m.17 views

n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Impact When n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the request dispatcher and several sibling code paths before any redaction. When a tool call carries credential material — most notably...

4.3CVSS5.6AI score0.0025EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:34 p.m.12 views

zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write

Summary The zrok WebDAV drive backend davServer.Dir restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a location outside that root, remote WebDAV consumers can read files and—on shares without...

8.7CVSS5.7AI score0.0033EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/25 11:30 p.m.78 views

Heimdall has an authorization bypass via path normalization mismatch

Summary Heimdall performs rule matching on the raw non-normalized request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy can result in heimdall authorizing a request for one path e.g., /user/../admin, or URL-encoded variants...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/25 11:30 p.m.17 views

Heimdall: Case-sensitive host matching may lead to policy bypass

Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

7.8CVSS5.4AI score0.00301EPSS
Exploits0References6Affected Software1
Total number of security vulnerabilities33225