ALT-PU-2022-1850-2

Package update caddy in branch sisyphus

Version2.5.1-alt1

Published2026-02-04

Max severityMEDIUM

Severity:

Closed issues (4)

MEDIUM6.1

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.

Published: 2023-02-06Modified: 2025-03-26

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

MEDIUM6.1

Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.

Published: 2022-06-02Modified: 2024-11-21

CVSS 2.0MEDIUM 5.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

GHSA-2927-hv3p-f3vp

MEDIUM6.1

Open redirect in caddy

Published: 2022-06-03Modified: 2022-06-14

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

GHSA-qpm3-vr34-h8w8

MEDIUM6.1

Open Redirect in Caddy

Published: 2023-02-07Modified: 2025-03-27

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References