Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-30156HistoryMar 24, 2024 - 1:15 a.m.
CVE-2024-30156
2024-03-2401:15:45
Debian Security Bug Tracker
security-tracker.debian.org
17
varnish cache
varnish enterprise
broke window attack
http/2
credits exhaustion
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | varnish | <= 7.1.1-1.1 | varnish_7.1.1-1.1_all.deb |
| Debian | 11 | all | varnish | <= 6.5.1-1+deb11u3 | varnish_6.5.1-1+deb11u3_all.deb |
| Debian | 10 | all | varnish | <= 6.1.1-1+deb10u3 | varnish_6.1.1-1+deb10u3_all.deb |
| Debian | 999 | all | varnish | <= 7.1.1-1.2 | varnish_7.1.1-1.2_all.deb |
| Debian | 13 | all | varnish | <= 7.1.1-1.2 | varnish_7.1.1-1.2_all.deb |
Related
redhatcve
redhatcve
CVE-2024-30156
2024-03-25 18:23:44
osv
osv
Important: varnish security update
2024-04-08 00:00:00
Important: varnish security update
2024-05-10 14:32:38
CVE-2024-30156
2024-03-24 01:15:45
nessus
nessus
Oracle Linux 9 : varnish (ELSA-2024-1691)
2024-04-09 00:00:00
RHEL 8 : varnish:6 (RHSA-2024:2938)
2024-05-21 00:00:00
RHEL 9 : varnish (RHSA-2024:2700)
2024-05-06 00:00:00
rocky
rocky
varnish security update
2024-05-10 14:32:38
varnish security update
2024-05-06 13:04:21
almalinux
almalinux
Important: varnish security update
2024-04-08 00:00:00
Important: varnish security update
2024-04-08 00:00:00
ubuntucve
ubuntucve
CVE-2024-30156
2024-03-24 00:00:00
oraclelinux
oraclelinux
varnish security update
2024-04-09 00:00:00
varnish security update
2024-04-09 00:00:00
redhat
redhat
(RHSA-2024:2700) Important: varnish security update
2024-05-06 06:31:51
(RHSA-2024:2820) Important: varnish security update
2024-05-13 00:58:18
(RHSA-2024:3305) Important: varnish:6 security update
2024-05-23 05:51:17
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0124)
2024-04-15 00:00:00
mageia
mageia
Updated varnish packages fix security vulnerability
2024-04-12 23:45:19
cve
cve
CVE-2024-30156
2024-03-24 01:15:45
cvelist
cvelist
CVE-2024-30156
2024-03-24 00:00:00
nvd
nvd
CVE-2024-30156
2024-03-24 01:15:45
veracode
veracode
Broke Window Attack
2024-04-11 00:38:27
redos
redos
ROS-20240423-01
2024-04-23 00:00:00