caddy was added to epel8 repo on 2023-08-24
Page updated: 2025-11-18 04:28
Repo Status -
Overall Status
Source NVR: caddy-2.6.4-2.el8 (2023-08-24)
| caddy | caddy-2.6.4-2.el8 |
| 2246579 | NEW | CVE-2023-45142 caddy: opentelemetry-go-contrib: DoS vulnerability in otelhttp [epel-all] |
| 2248218 | NEW | caddy: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all] |
| 2257827 | NEW | CVE-2023-49295 caddy: quic-go: memory exhaustion attack against QUIC's path validation mechanism [epel-8] |
| 2268279 | NEW | TRIAGE CVE-2024-27304 caddy: pgx: SQL Injection via Protocol Message Size Overflow [epel-all] |
| 2268467 | NEW | TRIAGE CVE-2024-27289 caddy: pgx: SQL Injection via Line Comment Creation [epel-all] |
| 2268872 | NEW | CVE-2024-28180 caddy: jose-go: improper handling of highly compressed data [epel-all] |
| 2273515 | NEW | TRIAGE CVE-2024-22189 caddy: quic-go: memory exhaustion attack against QUIC's connection ID mechanism [epel-8] |
| 2330014 | NEW | CVE-2024-53259 caddy: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux [epel-8] |
| 2331920 | NEW | CVE-2024-45337 caddy: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [epel-8] |
| 2333207 | NEW | CVE-2024-45338 caddy: Non-linear parsing of case-insensitive content in golang.org/x/net/html [epel-8] |
| 2342517 | NEW | CVE-2024-45339 caddy: Vulnerability when creating log files in github.com/golang/glog [epel-8] |
| 2350750 | NEW | CVE-2025-22869 caddy: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [epel-8] |
| 2360536 | NEW | CVE-2025-22872 caddy: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [epel-8] |
| 2384103 | NEW | caddy: Host Header Injection in github.com/go-chi/chi [epel-8] |
| 2398319 | NEW | CVE-2025-47910 caddy: CrossOriginProtection bypass in net/http [epel-8] |
| 2398957 | NEW | CVE-2025-47906 caddy: Unexpected paths returned from LookPath in os/exec [epel-8] |
| 2407505 | NEW | CVE-2025-58189 caddy: go crypto/tls ALPN negotiation error contains attacker controlled information [epel-8] |
| 2408957 | NEW | CVE-2025-61723 caddy: Quadratic complexity when parsing some invalid inputs in encoding/pem [epel-8] |
| 2409899 | NEW | CVE-2025-58185 caddy: Parsing DER payload can cause memory exhaustion in encoding/asn1 [epel-8] |
| 2410839 | NEW | CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-8] |