Greenpau Caddy-security — known CVE vulnerabilities
Every CVE whose affected-product data names Greenpau Caddy-security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-21495 — CVSS 6.5 (medium): Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure…
CVE-2024-21494 — CVSS 5.4 (medium): All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For…
CVE-2024-21497 — CVSS 5.4 (medium): Versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via the redirect_url parameter. An attacker…
CVE-2024-21493 — CVSS 5.3 (medium): All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a…
CVE-2024-21499 — CVSS 4.3 (medium): All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due…