—
GO-2026-5108
Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation in github.com/dadrus/heimdall
Details
Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation in github.com/dadrus/heimdall
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/dadrus/heimdall
Introduced in:
0 Fixed in: 0.17.14 Fix
go get github.com/dadrus/heimdall@v0.17.14 References
- https://github.com/dadrus/heimdall/security/advisories/GHSA-43jv-5j4x-qv67 [ADVISORY]
- https://nvd.nist.gov/vuln/detail/CVE-2026-42272 [ADVISORY]
- https://github.com/dadrus/heimdall/commit/8b0de6aba23a047cfee3081df878271bb17f4351 [FIX]
- https://github.com/dadrus/heimdall/pull/3207 [FIX]
- https://github.com/dadrus/heimdall/releases/tag/v0.17.14 [WEB]