caddy was added to epel9 repo on 2022-02-25
Page updated: 2025-11-12 16:43
Repo Status -
Overall Status
Source NVR: caddy-2.6.4-2.el9 (2022-06-29)
| caddy | caddy-2.6.4-2.el9 |
| 2273514 | NEW | TRIAGE CVE-2024-22189 caddy: quic-go: memory exhaustion attack against QUIC's connection ID mechanism [epel-9] |
| 2330015 | NEW | CVE-2024-53259 caddy: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux [epel-9] |
| 2331928 | NEW | CVE-2024-45337 caddy: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [epel-9] |
| 2333211 | NEW | CVE-2024-45338 caddy: Non-linear parsing of case-insensitive content in golang.org/x/net/html [epel-9] |
| 2342518 | NEW | CVE-2024-45339 caddy: Vulnerability when creating log files in github.com/golang/glog [epel-9] |
| 2350757 | NEW | CVE-2025-22869 caddy: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [epel-9] |
| 2360541 | NEW | CVE-2025-22872 caddy: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [epel-9] |
| 2374280 | NEW | CVE-2025-4673 caddy: Sensitive headers not cleared on cross-origin redirect in net/http [epel-9] |
| 2384106 | NEW | caddy: Host Header Injection in github.com/go-chi/chi [epel-9] |
| 2398339 | NEW | CVE-2025-47910 caddy: CrossOriginProtection bypass in net/http [epel-9] |
| 2398980 | NEW | CVE-2025-47906 caddy: Unexpected paths returned from LookPath in os/exec [epel-9] |
| 2407525 | NEW | CVE-2025-58189 caddy: go crypto/tls ALPN negotiation error contains attacker controlled information [epel-9] |
| 2408978 | NEW | CVE-2025-61723 caddy: Quadratic complexity when parsing some invalid inputs in encoding/pem [epel-9] |
| 2409921 | NEW | CVE-2025-58185 caddy: Parsing DER payload can cause memory exhaustion in encoding/asn1 [epel-9] |
| 2410860 | NEW | CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9] |