Unrated severityNVD Advisory· Published Sep 3, 2019· Updated Aug 5, 2024
CVE-2019-15892
CVE-2019-15892
Description
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- Varnish/Varnish Cachedescription
- Range: <6.0.4 LTS, <6.2.1
- osv-coords6 versionspkg:rpm/opensuse/varnish&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/varnish&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/varnish&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/vinyl-cache&distro=openSUSE%20Tumbleweedpkg:rpm/suse/varnish&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/varnish&distro=SUSE%20Package%20Hub%2015%20SP1
< 6.2.1-lp151.3.3.1+ 5 more
- (no CPE)range: < 6.2.1-lp151.3.3.1
- (no CPE)range: < 6.2.1-lp151.3.3.1
- (no CPE)range: < 6.6.1-1.2
- (no CPE)range: < 9.0.0-1.1
- (no CPE)range: < 6.2.1-bp151.4.3.1
- (no CPE)range: < 6.2.1-bp151.4.3.1
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2019-09/msg00069.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00089.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3OEOCYRU43TWEU2C65F3D6GK64MSWNNK/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DBAQF6UDRSTURGINIMSMLJR4PTDYWA7C/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSF54TDJWJLINIFEW5V5BKDNY5EQRR3/mitrevendor-advisoryx_refsource_FEDORA
- www.debian.org/security/2019/dsa-4514mitrevendor-advisoryx_refsource_DEBIAN
- seclists.org/bugtraq/2019/Sep/5mitremailing-listx_refsource_BUGTRAQ
- varnish-cache.org/security/VSV00003.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.