CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28543
https://notcve.org/view.php?id=CVE-2021-28543
16 Mar 2021 — Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPFBRQUJNWHCB3GQHSSAPRLQU6Q6PY43 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •