vulnerability
Alma Linux: CVE-2019-15892: Moderate: varnish:6 security, bug fix, and enhancement update (ALSA-2020-4756)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 3, 2019 | May 4, 2022 | Nov 27, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 3, 2019
Added
May 4, 2022
Modified
Nov 27, 2024
Description
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
Solution(s)
alma-upgrade-varnishalma-upgrade-varnish-develalma-upgrade-varnish-docsalma-upgrade-varnish-modules

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.