Lucene search
MitreCVELIST:CVE-2021-28543HistoryMar 16, 2021 - 2:43 p.m.
CVE-2021-28543
2021-03-1614:43:04
mitre
raw.githubusercontent.com
1
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.
Related
fedora
fedora
[SECURITY] Fedora 34 Update: varnish-modules-0.17.1-1.fc34
2021-03-22 02:10:57
prion
prion
Null pointer dereference
2021-03-16 15:15:00
debiancve
debiancve
CVE-2021-28543
2021-03-16 15:15:00
osv
osv
Denial of Service in varnish-modules version 0.18.0
2021-05-31 15:39:45
cve
cve
CVE-2021-28543
2021-03-16 15:15:00
redhatcve
redhatcve
CVE-2021-28543
2021-03-31 10:07:28
ubuntucve
ubuntucve
CVE-2021-28543
2021-03-16 00:00:00
openvas
openvas
Fedora: Security Advisory for varnish-modules (FEDORA-2021-2ad352ec70)
2021-03-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
2024-05-28 21:07:38