CVE-2022-34037

Out-of-bounds Read can lead to client side denial of service in go/github.com/caddyserver/caddy

Identifiers

CVE-2022-34037, GHSA-m7gr-5w5g-36jf

Package Slug

go/github.com/caddyserver/caddy

Vulnerability

Out-of-bounds Read can lead to client side denial of service

Description

An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI.

Affected Versions

Version 2.5.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-07-29

source