GHSA-qpm3-vr34-h8w8

Опубликовано: 07 фев. 2023

Источник: github

Github: Прошло ревью

CVSS3: 6.1

Описание

Open Redirect in Caddy

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs

Ссылки

Пакеты

Наименование

github.com/caddyserver/caddy/v2

Затронутые версииВерсия исправления

< 2.5.0-beta.1

2.5.0-beta.1

EPSS

Процентиль: 95%

0.16987

Средний

6.1 Medium

CVSS3

CVE ID

CVE-2022-28923

Дефекты

CWE-601

Связанные уязвимости

CVE-2022-28923

CVSS3: 6.1

ubuntu

около 3 лет назад

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.

CVE-2022-28923

CVSS3: 7.5

redhat

около 3 лет назад

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.

CVE-2022-28923

CVSS3: 6.1

nvd

около 3 лет назад

Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.

CVE-2022-28923

CVSS3: 6.1

debian

около 3 лет назад

Caddy v2.4.6 was discovered to contain an open redirection vulnerabili ...

EPSS

Процентиль: 95%

0.16987

Средний

6.1 Medium

CVSS3

CVE ID

CVE-2022-28923

Дефекты

CWE-601