CVE-2018-21246
Published
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
GitHub