Varnish-cache - Varnish Cache CVE

Filtered by vendor Varnish-cache Subscribe

Filtered by product Varnish Cache

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-8807	2 Debian, Varnish-cache	3 Debian Linux, Varnish, Varnish Cache	2022-06-21	6.4 MEDIUM	9.1 CRITICAL
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.

Vulnerabilities (CVE)