EPSS
Percentile
87.7%
varnish is vulnerable to information disclosure. A remote attacker is able to potentially retrieve confidential information from the process memory due to the VFP_GetStorage buffer being larger than allocated.
VFP_GetStorage
varnish-cache.org/security/VSV00002.html
www.securityfocus.com/bid/101886
bugs.debian.org/881808
github.com/varnishcache/varnish-cache/commit/176f8a075a963ffbfa56f1c460c15f6a1a6af5a7
github.com/varnishcache/varnish-cache/pull/2429
www.debian.org/security/2017/dsa-4034