Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libvmod-digest 缓冲区错误漏洞
Vulnerability Description
libvmod-digest是用于计算 HMAC、消息摘要。 libvmod-digest 1.0.3之前版本存在安全漏洞,该漏洞源于在base64解码过程中存在越界内存访问,导致身份验证绕过和信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A