6 results (0.004 seconds)

CVSS: 7.5EPSS: 83%CPEs: 444EXPL: 7

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 63EXPL: 0

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected. Se descubrió un problema de HTTP Request Forgery en Varnish Cache 5.x y 6.x anteriores a 6.0.11, 7.x anteriores a 7.1.2 y 7.2.x anteriores a 7.2.1. • https://docs.varnish-software.com/security/VSV00011 https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU https://varnish-cache.org/security/VSV00011.html htt • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0

In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. En Varnish Cache versiones anteriores a 6.6.2 y 7.x versiones anteriores a 7.0.2, Varnish Cache 6.0 LTS versiones anteriores a 6.0.10, y Varnish Enterprise (Cache Plus) 4.1.x versiones anteriores a 4.1.11r6 y 6.0.x versiones anteriores a 6.0.9r4, puede producirse contrabando de peticiones para conexiones HTTP/1 A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language (VCL) processing since the Varnish server treats it as an additional request. • https://docs.varnish-software.com/security/VSV00008 https://lists.debian.org/debian-lts-announce/2022/02/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMMDMQWNAE3BTSZUHXQHVAMZC5TLHLYT https://varnish-cache.org/security/VSV00008.html https://www.debian.org/security/2022/dsa-5088 https://access.redhat.com/security/cve/CVE-2022-23959 https://bugzilla.redhat.com/show_bug.cgi?id=2045031 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8. Varnish Cache, con HTTP/2 habilitado, permite el contrabando de peticiones y la omisión de autorización de VCL por medio de un encabezado Content-Length grande para una petición POST. Esto afecta a Varnish Enterprise versiones 6.0.x anteriores a 6.0.8r3, y Varnish Cache versiones 5.xy 6.x anteriores a 6.5.2, versiones 6.6.x anteriores a 6.6.1 y versiones 6.0 LTS anteriores a 6.0.8 A flaw was found in Varnish. The Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. • https://docs.varnish-software.com/security/VSV00007 https://github.com/varnishcache/varnish-cache/commit/82b0a629f60136e76112c6f2c6372cce77b683be https://github.com/varnishcache/varnish-cache/commit/9be22198e258d0e7a5c41f4291792214a29405cf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/THV2DQA2GS65HUCKK4KSD2XLN3AAQ2V5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHBNLDEOTGYRIEQZBWV7F6VPYS4O2AAK https://varnish-cache.org/security/VSV00007.html https://www.debian.org& • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connection workspace, such as data structures associated with previous requests within this connection or VCL-related temporary headers. Se detectó un problema en Varnish Cache versiones anteriores a 6.0.5 LTS, versiones 6.1.x y versiones 6.2.x anteriores a 6.2.2 y versiones 6.3.x anteriores a 6.3.1. No borra un puntero entre el manejo de una petición de cliente y la siguiente petición dentro de la misma conexión. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html http://varnish-cache.org/security/VSV00004.html#vsv00004 https://access.redhat.com/security/cve/CVE-2019-20637 https://bugzilla.redhat.com/show_bug.cgi?id=1772362 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •