Homepage
About Snyk

Information Exposure Affecting github.com/caddyserver/caddy/caddytls package, versions <0.11.1

Severity

 Recommended
0.0
low
0
10

CVSS assessment made by Snyk's Security Team

    Threat Intelligence

    EPSS
    0.12% (48th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-GOLANG-GITHUBCOMCADDYSERVERCADDYCADDYTLS-6673858
  • published 25 Apr 2024
  • disclosed 14 May 2022
  • credit Max Lielje, Deleted user
Report a new vulnerability Found a mistake?

Introduced: 14 May 2022

CVE-2018-19148 Open this link in a new tab
CWE-200 Open this link in a new tab

How to fix?

Upgrade github.com/caddyserver/caddy/caddytls to version 0.11.1 or higher.

Overview

Affected versions of this package are vulnerable to Information Exposure due to the server's handling of invalid requests. Specifically when it cannot match a Host header with a vhost in its configuration, it serves the X.509 certificate for a randomly selected vhost. Repeated requests with a nonexistent hostname in the Host header allow for the full enumeration of all certificates on the server, thereby enabling an attacker to easily and accurately discover the existence of and relationships among hostnames that were not intended to be public.

CVSS Scores

version 3.1
Expand this section

Snyk

Recommended
3.7 low
  • Attack Vector (AV)
    Network
  • Attack Complexity (AC)
    High
  • Privileges Required (PR)
    None
  • User Interaction (UI)
    None
  • Scope (S)
    Unchanged
  • Confidentiality (C)
    Low
  • Integrity (I)
    None
  • Availability (A)
    None