Lucene search
PRIOn knowledge basePRION:CVE-2024-21494HistoryFeb 17, 2024 - 5:15 a.m.
Authentication flaw
2024-02-1705:15:00
PRIOn knowledge base
www.prio-n.com
7
vulnerability
authentication bypass
spoofing
x-forwarded-for
input sanitization
user identity module
unauthorized access
trust flaw
All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For header due to improper input sanitization. An attacker can spoof an IP address used in the user identity module (/whoami API endpoint). This could lead to unauthorized access if the system trusts this spoofed IP address.
Related
veracode
veracode
Authentication Bypass Via Spoofing
2024-02-19 03:48:47
osv
osv
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security
2024-06-28 15:28:53
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security
2024-02-17 06:30:34
cve
cve
CVE-2024-21494
2024-02-17 05:15:09
github
github
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security
2024-02-17 06:30:34
cvelist
cvelist
CVE-2024-21494
2024-02-17 05:00:07
nvd
nvd
CVE-2024-21494
2024-02-17 05:15:09