Описание
Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| caddy | not-affected | package |
EPSS
Процентиль: 66%
0.00525
Низкий
Связанные уязвимости
CVSS3: 9.8
nvd
больше 5 лет назад
Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.
CVSS3: 9.8
github
больше 3 лет назад
Caddy vulnerable to Authentication Bypass due to mishandling of TLS client authentication
EPSS
Процентиль: 66%
0.00525
Низкий