caddy Info

caddy was added to epel10 repo on 2025-09-25
Page updated: 2026-02-27 00:03
Repo Status - Overall Status

Source NVR: caddy-2.10.2-1.el10_2 (2025-09-25)

Binary Packages

caddy

caddy-2.10.2-1.el10_2

Bugs

2441149	NEW	CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [epel-all]
2442422	NEW	CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [epel-all]
2442424	NEW	CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [epel-all]
2442428	NEW	CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [epel-all]
2442430	NEW	CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [epel-all]
2442435	NEW	CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [epel-all]
2442472	NEW	CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [epel-all]

Install Failures