[Bug 1207971] New: VUL-0: CVE-2022-28923: caddy: an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs
http://bugzilla.opensuse.org/show_bug.cgi?id=1207971 Bug ID: 1207971 Summary: VUL-0: CVE-2022-28923: caddy: an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other URL: https://smash.suse.de/issue/356318/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: alexandre.vicenzi@suse.com Reporter: thomas.leroy@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- rh#2167571 Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs. https://lednerb.de/en/publications/responsible-disclosure/caddy-open-redirec... References: https://bugzilla.redhat.com/show_bug.cgi?id=2167571 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28923 https://www.cve.org/CVERecord?id=CVE-2022-28923 https://lednerb.de/en/publications/responsible-disclosure/caddy-open-redirec... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207971 http://bugzilla.opensuse.org/show_bug.cgi?id=1207971#c1 Thomas Leroy <thomas.leroy@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Thomas Leroy <thomas.leroy@suse.com> --- Backports and Factory already fixed, closing -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com