3 matches found
CVE-2017-8807
Varnish Cache CVE-2017-8807 affects 4.1.x before 4.1.9 and 5.x before 5.2.1. The flaw is in vbf_stp_error in bin/varnishd/cache/cache_fetch.c where a VFP_GetStorage buffer is larger than intended during -sfile Stevedore transient objects, allowing remote attackers to read memory from the process....
CVE-2017-12425
Varnish HTTP Cache contains a denial-of-service vulnerability (CVE-2017-12425) due to a wrong if statement in varnishd that can cause an assertion when processing invalid client requests. This bug affects multiple releases: 4.0.1–4.0.4, 4.1.0–4.1.7, 5.0.0, and 5.1.0–5.1.2. Exploitation leads to t...
CVE-2013-4484
Varnish Cache (varnish) is affected by CVE-2013-4484. The vulnerability lies in handling of certain GET requests with trailing whitespace and no URI, which can trigger a remote denial of service via a child-process crash and a temporary caching outage. Public reports in the connected documents in...