Описание
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 5.2.1-1 |
| cosmic | not-affected | 5.2.1-1 |
| devel | not-affected | 5.2.1-1 |
| disco | not-affected | 5.2.1-1 |
| eoan | not-affected | 5.2.1-1 |
| esm-apps/bionic | not-affected | 5.2.1-1 |
| esm-apps/focal | not-affected | 5.2.1-1 |
| esm-apps/jammy | not-affected | 5.2.1-1 |
| esm-apps/xenial | released | 4.1.1-1ubuntu0.2+esm1 |
Показывать по
Ссылки на источники
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cach ...
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
6.4 Medium
CVSS2
9.1 Critical
CVSS3