Go module quic-go is affected by CVE-2024-22189 and this module is embedded in openSUSE:Factory/caddy (quic-go version 0.40.0).