Security flaws in an SSO plugin for Caddy(blog.trailofbits.com) |
Security flaws in an SSO plugin for Caddy(blog.trailofbits.com) |
> August 7, 2023: We reported our findings to the caddy-security plugin maintainers.
> August 23, 2023: The caddy-security plugin maintainers confirmed that there were no near-term plans to act on the reported vulnerabilities.
Shows that reviewing dependencies is not optional. Hundreds of stars on GitHub is not a helpful data point, even if my own monkey brain says otherwise.