Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Varnish HTTP Cache 安全漏洞
Vulnerability Description
Varnish HTTP Cache是丹麦软件开发者Poul-Henning Kamp所研发的一款高性能、开源的反向代理服务器和缓存服务器。该服务器采用Visual Page Cache技术,可实现所有缓存的数据直接从内存读取,从而提高访问速度。 Varnish HTTP Cache 4.1.9之前的4.1.x版本和5.2.1之前的5.x版本中的vbf_stp_error存在安全漏洞。远程攻击者可利用该漏洞获取进程内存中的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A