Unrated severityNVD Advisory· Published Apr 8, 2020· Updated Aug 4, 2024
CVE-2020-11653
CVE-2020-11653
Description
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.
Affected products
4- Varnish Cache/Varnish Cachedescription
- Range: <6.0.6, 6.1.x <6.2.3, 6.3.x <6.3.2
- osv-coords2 versionspkg:rpm/opensuse/varnish&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/varnish&distro=SUSE%20Package%20Hub%2015%20SP1
< 6.2.1-lp151.3.6.1+ 1 more
- (no CPE)range: < 6.2.1-lp151.3.6.1
- (no CPE)range: < 6.2.1-bp151.4.6.1
Patches
Vulnerability mechanics
References
4- lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.htmlmitrevendor-advisory
- lists.debian.org/debian-lts-announce/2022/11/msg00036.htmlmitremailing-list
- varnish-cache.org/security/VSV00005.htmlmitre
News mentions
0No linked articles in our index yet.