|
|
|
|
|
|
by bracewel
3753 days ago
|
|
|
> The two CVEs against Varnish were both utterly bogus "trophy-hunter" CVEs in my opinion. (But don't take my word for it, judge for yourself.) ok > CVE-2013-4484: Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. :| |
|
|