EPSS
Percentile
55.5%
varnish is vulnerable to denial of service. The vulnerability exists in multiple functions of cache_session.c due to an assertion failure which allows an attacker to crash the application via malicious input.
cache_session.c
lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
lists.debian.org/debian-lts-announce/2022/11/msg00036.html
security-tracker.debian.org/tracker/CVE-2020-11653
varnish-cache.org/security/VSV00005.html#vsv00005