DescriptionAn out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- openSUSE-SU-2022:10080-1, published Sat Aug 6 18:53:17 2022
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub 15 SP4|| ||Patchnames: |
|openSUSE Leap 15.4|| ||Patchnames: |
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA caddy-2.5.2-2.1
SUSE Timeline for this CVECVE page created: Sun Jul 24 01:57:53 2022
CVE page last modified: Wed Oct 26 23:57:56 2022