CVE-2019-15892

Priority
Description
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and
6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to
trigger an assert by sending crafted HTTP/1 requests. The assert will cause
an automatic restart with a clean cache, which makes it a Denial of Service
attack.
Notes
Package
Upstream:released (6.2.1-1)
Ubuntu 18.04 LTS:not-affected (code not present)
Ubuntu 20.04 LTS:not-affected (6.2.1-2)
Ubuntu 14.04 ESM:not-affected (code not present)
Patches:
More Information

Updated: 2022-04-13 13:47:15 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)