CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0CVE-2022-45060 – varnish: Request Forgery Vulnerability
https://notcve.org/view.php?id=CVE-2022-45060
09 Nov 2022 — An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected. Se descubrió un problema d... • https://docs.varnish-software.com/security/VSV00011 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2021-36740 – varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request
https://notcve.org/view.php?id=CVE-2021-36740
14 Jul 2021 — Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8. Varnish Cache, con HTTP/2 habilitado, permite el contrabando de peticiones y la omisión de autorización de VCL por medio de un encabezado Content-Length grande para una petición POST. Esto afecta a Varnish Enterprise version... • https://docs.varnish-software.com/security/VSV00007 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0CVE-2017-8807
https://notcve.org/view.php?id=CVE-2017-8807
16 Nov 2017 — vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects. vbf_stp_error en bin/varnishd/cache/cache_fetch.c en Varnish HTTP Cache en versiones 4.1.x anteriores a la 4.1.9 y las versiones 5.x anteriores a la 5.2.1 permite que atacantes remotos obtengan inf... • http://varnish-cache.org/security/VSV00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2017-12425
https://notcve.org/view.php?id=CVE-2017-12425
04 Aug 2017 — An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of... • http://www.debian.org/security/2017/dsa-3924 • CWE-190: Integer Overflow or Wraparound •