Secsys-Go

**Name of the Vulnerable Software and Affected Versions** Caddy version 2.5.1 **Description** An out-of-bounds read in the `rewrite` function at `/modules/caddyhttp/rewrite/rewrite.go` allows attackers to cause a Denial of Service (DoS) via a crafted URI. This issue has been disputed as a bug, not a security vulnerability, and is believed to affect the client side of the request, potentially causing the server to return an empty reply instead of a valid HTTP response to the client. **Recommendations** As a temporary workaround, consider disabling the `rewrite` function until a patch is available or the issue is otherwise resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.