Vulnerabilities > Greenpau > Caddy Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-17 | CVE-2024-21493 | Unspecified vulnerability in Greenpau Caddy-Security All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. | 5.3 |
| 2024-02-17 | CVE-2024-21494 | Unspecified vulnerability in Greenpau Caddy-Security All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For header due to improper input sanitization. | 5.4 |
| 2024-02-17 | CVE-2024-21495 | Unspecified vulnerability in Greenpau Caddy-Security Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. | 9.8 |
| 2024-02-17 | CVE-2024-21497 | Unspecified vulnerability in Greenpau Caddy-Security All versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via the redirect_url parameter. | 6.1 |
| 2024-02-17 | CVE-2024-21499 | Unspecified vulnerability in Greenpau Caddy-Security All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS. | 4.3 |