Lucene search

varnish -- Request Smuggling Vulnerability

🗓️ 25 Jan 2022 00:00:00Reported by FreeBSDType

Varnish Cache Project reports request smuggling vulnerability on HTTP/1 connection

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 66
RedhatCVE	CVE-2022-23959	27 Jan 202213:58	–	redhatcve
Tenable Nessus	CentOS 8 : varnish:6 (CESA-2022:0418)	4 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0420)	3 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0422)	3 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0418)	4 Feb 202200:00	–	nessus
Tenable Nessus	Debian DLA-2920-1 : varnish - LTS security update	14 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0421)	3 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 7 : rh-varnish6-varnish (RHSA-2022:4745)	26 May 202200:00	–	nessus
Tenable Nessus	Fedora 36 : varnish (2022-d77f991ed2)	14 Nov 202400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : varnish (ALAS-2022-1632)	23 Aug 202200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	varnish6	6.6.2	UNKNOWN
FreeBSD	any	noarch	varnish4	4.1.11r6	UNKNOWN

Source	Link
varnish-cache	www.varnish-cache.org/security/VSV00008.html
docs	www.docs.varnish-software.com/security/VSV00008/
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Jan 2022 00:00Current

2.9Low risk

Vulners AI Score2.9

CVSS26.4

CVSS39.1

EPSS0.00268