Lucene search
Veracode Vulnerability DatabaseVERACODE:25360HistoryMay 10, 2020 - 11:28 p.m.
Information Disclosure
2020-05-1023:28:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.017 Low
EPSS
Percentile
87.8%
varnish is vulnerable to information disclosure. A remote attacker is able to potentially retrieve confidential information from the process memory due to the VFP_GetStorage buffer being larger than allocated.
| CPE | Name | Operator | Version |
|---|---|---|---|
| varnish:3.3 | eq | 4.1.2-r1 | |
| varnish:3.4 | eq | 4.1.2-r4 | |
| varnish:3.3 | eq | 4.1.2-r1 | |
| varnish:3.4 | eq | 4.1.2-r4 |
Related
mageia
mageia
Updated varnish packages fix security vulnerability
2017-12-02 02:13:21
prion
prion
Design/Logic Flaw
2017-11-16 02:29:00
openvas
openvas
Debian: Security Advisory (DSA-4034-1)
2017-11-14 00:00:00
Mageia: Security Advisory (MGASA-2017-0435)
2022-01-28 00:00:00
Fedora Update for varnish FEDORA-2017-8575fbfe90
2017-11-28 00:00:00
nessus
nessus
Fedora 27 : varnish (2017-72b50be8d4)
2018-01-15 00:00:00
Fedora 25 : varnish (2017-8575fbfe90)
2017-11-28 00:00:00
Debian DSA-4034-1 : varnish - security update
2017-11-16 00:00:00
debian
debian
[SECURITY] [DSA 4034-1] varnish security update
2017-11-15 12:51:26
[SECURITY] [DSA 4034-1] varnish security update
2017-11-15 12:51:26
osv
osv
CVE-2017-8807
2017-11-16 02:29:05
varnish - security update
2017-11-15 00:00:00
varnish vulnerability
2021-03-15 22:04:55
ubuntucve
ubuntucve
CVE-2017-8807
2017-11-16 00:00:00
cvelist
cvelist
CVE-2017-8807
2017-11-16 02:00:00
freebsd
freebsd
varnish -- information disclosure vulnerability
2017-11-15 00:00:00
debiancve
debiancve
CVE-2017-8807
2017-11-16 02:29:05
cve
cve
CVE-2017-8807
2017-11-16 02:29:05
fedora
fedora
[SECURITY] Fedora 26 Update: varnish-5.1.3-4.fc26
2017-11-28 00:50:34
[SECURITY] Fedora 25 Update: varnish-5.0.0-5.fc25
2017-11-28 04:12:08
[SECURITY] Fedora 27 Update: varnish-5.1.3-4.fc27
2017-11-27 21:25:46
redhatcve
redhatcve
CVE-2017-8807
2017-11-15 15:24:54
alpinelinux
alpinelinux
CVE-2017-8807
2017-11-16 02:29:05
nvd
nvd
CVE-2017-8807
2017-11-16 02:29:05
ubuntu
ubuntu
Varnish vulnerability
2021-03-15 00:00:00
archlinux
archlinux
[ASA-201711-29] varnish: information disclosure
2017-11-26 00:00:00