EPSS
Percentile
71.0%
github.com/caddyserver/caddy is vulnerable to authentication bypass. When TLS is used for client authentication, it does not enforce a tls: StrictHostMatching mode for client authentication, leading to a bypass of TLS authentication.
tls: StrictHostMatching
bugs.gentoo.org/715214
github.com/caddyserver/caddy/commit/4d9ee000c8d2cbcdd8284007c1e0f2da7bc3c7c3
github.com/caddyserver/caddy/pull/2099
github.com/caddyserver/caddy/releases/tag/v0.10.13