Lucene search

K
redhatcveRedhat.comRH:CVE-2017-8807
HistoryNov 15, 2017 - 3:24 p.m.

CVE-2017-8807

2017-11-1515:24:54
redhat.com
access.redhat.com
9

0.017 Low

EPSS

Percentile

87.8%

vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.