—
GO-2026-5097
Heimdall has an authorization bypass via path normalization mismatch in github.com/dadrus/heimdall
상세
Heimdall has an authorization bypass via path normalization mismatch in github.com/dadrus/heimdall
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
Go / github.com/dadrus/heimdall
최초 영향 버전:
0 수정 버전: 0.17.14 수정
go get github.com/dadrus/heimdall@v0.17.14 참고
- https://github.com/dadrus/heimdall/security/advisories/GHSA-3q34-rx83-r6mq [ADVISORY]
- https://nvd.nist.gov/vuln/detail/CVE-2026-42274 [ADVISORY]
- https://github.com/dadrus/heimdall/commit/b5dfa484b7a8c2ce6d8691c026f9da867719947a [FIX]
- https://github.com/dadrus/heimdall/pull/3209 [FIX]
- https://github.com/dadrus/heimdall/releases/tag/v0.17.14 [WEB]
- https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#envoy-v3-api-field-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-normalize-path [WEB]