I would like to build my own reverse proxy in rust using pingora as a framework.

My question is: how bad of an idea is it to replace a battle hardened haproxy instance with something self-made with regards to security / CVE's?

Pingora most likely is watched and developed with regards to mitigate possible CVE's. Should not be worried to much about it. The proxy will be straight forward, nothing fancy, no intelligency baked in. How much of a footgun will be introduced by using this on the big bad internet?

Any thoughts?