← Toutes les vulnérabilités
MEDIUMSupply chain
GHSA-VCC4-2C75-VC9V
go · github.com/caddyserver/caddy/v2
Résumé
Caddy: stripHTML template function bypass
Références
Vulnérabilités liées
Tout Supply chain →- HIGHGHSA-38X9-25WX-7FG2
Heimdall: IP Spoofing via Unvalidated Forwarding Headers
- HIGHGHSA-V2QM-5WXJ-QHJ7
Open WebUI: Stored XSS to Account Takeover via Model Profile Images
- MEDIUMGHSA-CRMM-HGP2-WGRP
Laravel Framework: Temporary Signed URL Path Confusion
- MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- MEDIUMGHSA-5739-39V2-5754
PHP JWT Library: RSA1_5 (RSAES-PKCS1-v1_5) decryption lacks implicit rejection, exposing a Bleichenbacher/Marvin padding oracle
- HIGHGHSA-JC38-X7X8-2XC8
PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks