Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:varnish-software:vmod_digest:1.0.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-41104 |
libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use. Published: August 23, 2023; 3:15:08 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |