CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-45059
https://notcve.org/view.php?id=CVE-2022-45059
09 Nov 2022 — An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. Se descubrió un problema en Varnish Cache 7.x anterior a la versión 7.1.2 y 7.2.x anterior a la versión 7.2.1. Se puede realizar un ataque de tráfico ilegal de solicitudes en los servidores Varnish Cache solicitando que... • https://github.com/martinvks/CVE-2022-45059-demo • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0CVE-2022-45060 – varnish: Request Forgery Vulnerability
https://notcve.org/view.php?id=CVE-2022-45060
09 Nov 2022 — An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected. Se descubrió un problema d... • https://docs.varnish-software.com/security/VSV00011 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-38150
https://notcve.org/view.php?id=CVE-2022-38150
11 Aug 2022 — In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1. En Varnish Cache versiones 7.0.0, 7.0.1, 7.0.2 y 7.1.0, es posible causar que el servidor Varnish sea afirmado y reiniciado automáticamente mediante respuestas backend HTTP/1 falsificadas. Un ataque usa una frase de razón diseñada de... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2022-23959 – varnish: HTTP/1 request smuggling vulnerability
https://notcve.org/view.php?id=CVE-2022-23959
26 Jan 2022 — In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. En Varnish Cache versiones anteriores a 6.6.2 y 7.x versiones anteriores a 7.0.2, Varnish Cache 6.0 LTS versiones anteriores a 6.0.10, y Varnish Enterprise (Cache Plus) 4.1.x versiones anteriores a 4.1.11r6 y 6.0.x versiones anteriores a 6.0.9r4, puede producirse contrabando de peti... • https://docs.varnish-software.com/security/VSV00008 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2021-36740 – varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request
https://notcve.org/view.php?id=CVE-2021-36740
14 Jul 2021 — Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8. Varnish Cache, con HTTP/2 habilitado, permite el contrabando de peticiones y la omisión de autorización de VCL por medio de un encabezado Content-Length grande para una petición POST. Esto afecta a Varnish Enterprise version... • https://docs.varnish-software.com/security/VSV00007 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4090
https://notcve.org/view.php?id=CVE-2013-4090
12 Feb 2020 — Varnish HTTP cache before 3.0.4: ACL bug Varnish HTTP cache versiones anteriores a 3.0.4: Un error de la Lista de Control de Acceso ACL. • https://www.varnish-cache.org/lists/pipermail/varnish-announce/2013-June/000684.html •
CVSS: 7.8EPSS: 5%CPEs: 4EXPL: 0CVE-2019-15892 – varnish: denial of service handling certain crafted HTTP/1 requests
https://notcve.org/view.php?id=CVE-2019-15892
03 Sep 2019 — An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack. Se detecto un problema en Varnish Cache en versiones anteriores a la 6.0.4 LTS y 6.1.x y 6.2.x en versiones anteriores a la 6.2.1. Un error de análisis HTTP/1 permite a un atacante remoto desencadenar una ... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00069.html • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0CVE-2017-8807
https://notcve.org/view.php?id=CVE-2017-8807
16 Nov 2017 — vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects. vbf_stp_error en bin/varnishd/cache/cache_fetch.c en Varnish HTTP Cache en versiones 4.1.x anteriores a la 4.1.9 y las versiones 5.x anteriores a la 5.2.1 permite que atacantes remotos obtengan inf... • http://varnish-cache.org/security/VSV00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2017-12425
https://notcve.org/view.php?id=CVE-2017-12425
04 Aug 2017 — An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of... • http://www.debian.org/security/2017/dsa-3924 • CWE-190: Integer Overflow or Wraparound •