You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Initial debug-host handler implementation could leak information and facilitate denial of service
Moderate severity
GitHub Reviewed
Published
Jan 26, 2023
in
fortio/proxy
•
Updated Jan 27, 2023
Impact
version 1.5.0 and 1.6.0 when using the new
debug-host
feature could expose unnecessary information about the hostPatches
Use 1.6.1 or newer
Workarounds
Downgrade to 1.4.0 or set
debug-host
to emptyReferences
fortio/proxy#38
Q&A https://github.com/fortio/proxy/discussions
References