Open redirect in caddy
Overview
Source
ID
GHSA-2927-hv3p-f3vp
Aliases
CVE-2022-29718
Affected package
Description
Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking victims into clicking crafted links.
Impact
Severity
Latest version of the CVSS score reported by the source of the advisory.
6.1 MODERATE
Reference links
Summary
929
Total packages affected
Packages with at least one version that is affected by the advisory or has an affected dependency.
131
Packages with a known fix
Packages with versions affected by the advisory that have a greater version that is not affected.
0.07%
Total ecosystem affected
The proportion of packages in the ecosystem that are affected by the advisory (fixed or not).
Affected Version: Introduced: 0, Fixed: 2.5.0