---

CVE-2017-12425 - log back

CVE-2017-12425 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Denial of service
Description	+ A remote, non-authenticated denial of service has been found in varnish < 5.1.3. A wrong if statement in the varnishd source code can trigger an assert when processing invalid requests from the client. This causes the varnishd worker process to abort and restart, losing the cached contents in the process.
References	+ https://varnish-cache.org/security/VSV00001.html#vsv00001
Notes