Security Advisory

CVE-2023-41104

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-23 00:00:00

Last updated 2024-10-03 14:09:51

Assigner mitre

State PUBLISHED

Description

libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use.

← Browse all CVEs View on cve.org ↗