github.com/dadrus/heimdall

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/dadrus/heimdallpage 1 of 1

CVE-2026-42272HIGHCVSS 7.8EG 7.8✓ Fixed in 0.17.14
2026-05-08
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall handles URL-encoded slashes (%2F) in a case-sensitive manner, while percent-encoding is defined to be case-insensitive.…
CVE-2026-42273HIGHCVSS 7.8EG 7.8✓ Fixed in 0.17.14
2026-05-08
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can resu…
CVE-2026-42274HIGHCVSS 7.8EG 7.8✓ Fixed in 0.17.14
2026-05-08
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw (non-normalized) request path, while downstream components may normalize dot-segments…

Check whether github.com/dadrus/heimdall is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/dadrus/heimdall CVEs against the assets you own.

Start Free Scan →