Security: fabiolb/fabio
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Incomplete fix for CVE-2025-48865: operator-configured trust headers (clientip/tls/requestid) still strippable via the Connection headerGHSA-fq95-v8xc-jm3v published
Jul 3, 2026 by tristanmorganModerate -
HTTP clients can manipulate custom headers added by FabioGHSA-q7p4-7xjv-j3wf published
May 28, 2025 by tristanmorganCritical
Learn more about advisories related to fabiolb/fabio in the GitHub Advisory Database