Filtered by vendor Crystal Shard
Subscriptions
Filtered by product Http-protection
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37056 | 1 Crystal Shard | 1 Http-protection | 2026-02-03 | 9.8 Critical |
| Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and gain unauthorized access. | ||||
Page 1 of 1.