CGA-7c9g-x4f4-fpc8

Published

Last updated

https://images.chainguard.dev/security/CGA-7c9g-x4f4-fpc8

Package

caddy

Latest Update

Not affected

Aliases

CVE-2022-28923
GHSA-qpm3-vr34-h8w8

Severity

6.1

Medium

CVSS V3

Summary

Open Redirect in Caddy

Description

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs

References

https://nvd.nist.gov/vuln/detail/CVE-2022-28923
https://github.com/advisories/GHSA-qpm3-vr34-h8w8
https://github.com/caddyserver/caddy/commit/78b5356f2b1945a90de1ef7f2c7669d82098edbd
https://github.com/caddyserver/caddy
https://lednerb.de/en/publications/responsible-disclosure/caddy-open-redirect-vulnerability
https://pkg.go.dev/vuln/GO-2023-1567

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-7c9g-x4f4-fpc8

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources