EPSS
Percentile
35.0%
github.com/caddyserver/caddy is vulnerable to denial of service. The vulnerability exists due to the out-of-bounds read in the Rewrite function of rewrite.go, allowing an attacker to crash the application by providing a maliciously crafted url.
Rewrite
rewrite.go
github.com/advisories/GHSA-m7gr-5w5g-36jf
github.com/caddyserver/caddy/commit/693e9b5283e675b56084ecc83d73176cab0ee27c
github.com/caddyserver/caddy/issues/4775