EUVD-2025-24560

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

HTTP/2 mismatch enables DoS: client resets streams via malformed frames; backend processing streams.

Reporter	Title	Published	Views	Family All 75
GithubExploit	Exploit for CVE-2025-8671	9 Feb 202611:39	–	githubexploit
GithubExploit	Exploit for CVE-2025-8671	23 Aug 202519:14	–	githubexploit
GithubExploit	Exploit for CVE-2025-8671	21 Aug 202521:20	–	githubexploit
AlpineLinux	CVE-2025-8671	13 Aug 202512:03	–	alpinelinux
Circl	CVE-2025-8671	13 Aug 202517:11	–	circl
CNNVD	SUSE Linux多款产品安全漏洞	13 Aug 202500:00	–	cnnvd
CVE	CVE-2025-8671	13 Aug 202512:03	–	cve
Cvelist	CVE-2025-8671 CVE-2025-8671	13 Aug 202512:03	–	cvelist
Debian	[SECURITY] [DSA 6303-1] varnish security update	27 May 202621:02	–	debian
Debian CVE	CVE-2025-8671	13 Aug 202512:03	–	debiancve

[
  {
    "enisaIdVendor": [
      {
        "id": "3514bb50-9782-3803-8edc-683b67785742",
        "vendor": {
          "name": "fastly"
        }
      },
      {
        "id": "7c45b357-56fa-3781-9176-bf4324726752",
        "vendor": {
          "name": "SUSE Linux"
        }
      },
      {
        "id": "a70b9cdb-a859-372f-b466-022480e8e054",
        "vendor": {
          "name": "Varnish Software"
        }
      },
      {
        "id": "ba7026e2-0cbb-3592-b22d-c3e14c445c8c",
        "vendor": {
          "name": "Wind River"
        }
      },
      {
        "id": "cb69f093-be90-33ab-a7c4-df2df5b2ff0c",
        "vendor": {
          "name": "IETF HTTP Working Group"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0b35b269-8f38-3dd9-805f-0ead7ca37b01",
        "product": {
          "name": "Enterprise Module for Package Hub"
        },
        "product_version": "15 SP5 <15 SP7"
      },
      {
        "id": "160431ab-5c10-3d51-b059-65f9fbfc0742",
        "product": {
          "name": "Varnish Cache"
        },
        "product_version": "6.0LTS ≤6.014"
      },
      {
        "id": "17e1ae1f-902d-3475-a8c4-acd16a256a3f",
        "product": {
          "name": "Varnish Enterprise"
        },
        "product_version": "6.0.x ≤6.0.14r4"
      },
      {
        "id": "2cccdaa0-9812-3e3a-b092-9ad772baab81",
        "product": {
          "name": "SUSE Manager Retail Branch Server"
        },
        "product_version": "4.3"
      },
      {
        "id": "3625f781-8db0-39e4-a76a-81eaff5facb8",
        "product": {
          "name": "Enterprise Server"
        },
        "product_version": "12 SP5 <15 SP7"
      },
      {
        "id": "56f1bcfa-88c9-317d-9317-258cb7edd9e6",
        "product": {
          "name": "openSUSE Leap"
        },
        "product_version": "15.6"
      },
      {
        "id": "62867aed-4bd8-33ff-b711-2b3654528008",
        "product": {
          "name": "Studio Developer"
        },
        "product_version": "All Versions"
      },
      {
        "id": "69ab840b-0d10-34af-b4d2-453e900e1bda",
        "product": {
          "name": "Enterprise Module for Dev Tools"
        },
        "product_version": "15 SP3 <15 SP7"
      },
      {
        "id": "7ac1ed3c-d91a-3e18-a488-b8e205152cc7",
        "product": {
          "name": "SUSE Manager Server"
        },
        "product_version": "4.3"
      },
      {
        "id": "7b5c9ec4-ae5a-3884-9de5-8eca2eaaf768",
        "product": {
          "name": "Linux"
        },
        "product_version": "LTS22 ≤TLS25"
      },
      {
        "id": "87693164-a9dc-35ad-9162-1dcb8b8f60a1",
        "product": {
          "name": "Enterprise High Performance Computing"
        },
        "product_version": "15 SP3 <15 SP7"
      },
      {
        "id": "8d3cff4a-f9e2-38e4-a551-82ca1efab9dc",
        "product": {
          "name": "eLxr Pro"
        },
        "product_version": "All Versions"
      },
      {
        "id": "a3f8d4bc-778d-322e-8b73-bde2b514403d",
        "product": {
          "name": "Enterprise Desktop"
        },
        "product_version": "15 SP6 <15 SP7"
      },
      {
        "id": "adcb50f2-694c-31aa-830f-cc16fb613017",
        "product": {
          "name": "Enterprise High Performance Computing (HPC)"
        },
        "product_version": "15 <15 SP5"
      },
      {
        "id": "afa2c296-11db-3af6-ae27-11a338df0e92",
        "product": {
          "name": "Enterprise Server for SAP Applications"
        },
        "product_version": "15 SP6 <15 SP7"
      },
      {
        "id": "b4835f48-578c-368c-b02a-3af4e0621d1a",
        "product": {
          "name": "SUSE Manager Proxy"
        },
        "product_version": "4.3"
      },
      {
        "id": "bbcc835f-af7a-3a50-b9b6-ad39a4bc16d2",
        "product": {
          "name": "Varnish Cache"
        },
        "product_version": "5.x ≤7.71"
      },
      {
        "id": "dde7ee8d-d217-311f-baf4-c69f4f08b770",
        "product": {
          "name": "HTTP/2"
        },
        "product_version": "N/A"
      },
      {
        "id": "e3376609-1464-3976-a339-56520d16b0ad",
        "product": {
          "name": "Enterprise Module for Development Tools"
        },
        "product_version": "15 SP2 <15-SP5"
      },
      {
        "id": "fc967d6d-2740-30bd-80e7-edd065fe16bc",
        "product": {
          "name": "H20"
        },
        "product_version": "579ecfa"
      },
      {
        "id": "fec045bf-586c-3f32-bc56-001f15793fc2",
        "product": {
          "name": "SUSE Manager Server LTS"
        },
        "product_version": "4.3"
      }
    ]
  }
]

Source	Link
github	www.github.com/galbarnahum/MadeYouReset
support2	www.support2.windriver.com/index.php
github	www.github.com/h2o/h2o/security/advisories/GHSA-mrjm-qq9m-9mjq
github	www.github.com/jetty/jetty.project/pull/13449
galbarnahum	www.galbarnahum.com/made-you-reset
kb	www.kb.cert.org/vuls/id/767506
varnish-cache	www.varnish-cache.org/security/VSV00017.html
fastlystatus	www.fastlystatus.com/incident/377810
github	www.github.com/h2o/h2o/commit/4729b661e3c6654198d2cc62997e1af58bef4b80
suse	www.suse.com/support/kb/doc/

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.5

EPSS0.00928

SSVC