Package impact
Go / github.com/dadrus/heimdall
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42274 | high | — | 8.0 | 22d ago | Heimdall has an authorization bypass via path normalization mismatch | |||
| CVE-2026-42273 | high | — | 8.0 | 22d ago | Heimdall: Case-sensitive host matching may lead to policy bypass | |||
| CVE-2026-42272 | high | — | 8.0 | 22d ago | Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation | |||
| CVE-2026-32811 | unknown | — | — | 2mo ago | Heimdall: Path received via Envoy gRPC corrupted when containing query string in github.com/dadrus/heimdall |