An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
References
Configurations
History
07 Nov 2023, 03:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-09-03 21:15
Updated : 2024-02-28 17:08
NVD link : CVE-2019-15892
Mitre link : CVE-2019-15892
CVE.ORG link : CVE-2019-15892
JSON object : View
Products Affected
varnish_cache_project
- varnish_cache
debian
- debian_linux
varnish-software
- varnish_cache
CWE
CWE-617
Reachable Assertion