VYPR

rpm package

suse/caddy&distro=SUSE Package Hub 15 SP4

pkg:rpm/suse/caddy&distro=SUSE%20Package%20Hub%2015%20SP4

Vulnerabilities (2)

  • CVE-2022-34037HigJul 22, 2022
    affected < 2.5.2-bp154.2.8.1fixed 2.5.2-bp154.2.8.1

    An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI. Note: This has been disputed as a bug, not a security vulnerability, in the Caddy web server that emerged

  • CVE-2022-29718MedJun 2, 2022
    affected < 2.5.1-bp154.2.5.1fixed 2.5.1-bp154.2.5.1

    Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.