Bugzilla – Bug 1200279
VUL-0: CVE-2022-29718: caddy: unauthenticated open redirect vulnerability
Last modified: 2022-06-15 19:15:52 UTC
Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote
unauthenticated attacker may exploit this vulnerability to redirect users to
arbitrary web URLs by tricking the victim users to click on crafted links.
openSUSE:Backports:SLE-15-SP4 should be affected
Update request sent: https://build.opensuse.org/request/show/981148
This is an autogenerated message for OBS integration:
This bug (1200279) was mentioned in
https://build.opensuse.org/request/show/981174 Backports:SLE-15-SP4 / caddy
openSUSE-SU-2022:10007-1: An update that fixes one vulnerability is now available.
Category: security (moderate)
Bug References: 1200279
CVE References: CVE-2022-297182
openSUSE Backports SLE-15-SP4 (src): caddy-2.5.1-bp184.108.40.206