Lucene search

Important: Red Hat Security Advisory: varnish:6 security update

🗓️ 03 Feb 2022 12:54:20Reported by RedHatType

Varnish Cache security update to fix HTTP/1 request smuggling vulnerability

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 66
Fedora	[SECURITY] Fedora 35 Update: varnish-modules-0.18.0-5.fc35	16 Feb 202201:28	–	fedora
Fedora	[SECURITY] Fedora 35 Update: varnish-6.6.2-2.fc35	16 Feb 202201:28	–	fedora
RedhatCVE	CVE-2022-23959	27 Jan 202213:58	–	redhatcve
Tenable Nessus	CentOS 8 : varnish:6 (CESA-2022:0418)	4 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0422)	3 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0418)	4 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0420)	3 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : varnish:6 (RHSA-2022:0421)	3 Feb 202200:00	–	nessus
Tenable Nessus	Debian DLA-2920-1 : varnish - LTS security update	14 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 7 : rh-varnish6-varnish (RHSA-2022:4745)	26 May 202200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	any	aarch64	varnish	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-6.0.6-2.module+el8.4.0+14090+331e4860.2.aarch64.rpm
RedHat	any	ppc64le	varnish	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-6.0.6-2.module+el8.4.0+14090+331e4860.2.ppc64le.rpm
RedHat	any	s390x	varnish	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-6.0.6-2.module+el8.4.0+14090+331e4860.2.s390x.rpm
RedHat	any	x86_64	varnish	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-6.0.6-2.module+el8.4.0+14090+331e4860.2.x86_64.rpm
RedHat	any	aarch64	varnish-devel	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-devel-6.0.6-2.module+el8.4.0+14090+331e4860.2.aarch64.rpm
RedHat	any	ppc64le	varnish-devel	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-devel-6.0.6-2.module+el8.4.0+14090+331e4860.2.ppc64le.rpm
RedHat	any	s390x	varnish-devel	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-devel-6.0.6-2.module+el8.4.0+14090+331e4860.2.s390x.rpm
RedHat	any	x86_64	varnish-devel	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-devel-6.0.6-2.module+el8.4.0+14090+331e4860.2.x86_64.rpm
RedHat	any	aarch64	varnish-docs	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-docs-6.0.6-2.module+el8.4.0+14090+331e4860.2.aarch64.rpm
RedHat	any	ppc64le	varnish-docs	6.0.6-2.module+el8.4.0+14090+331e4860.2	varnish-docs-6.0.6-2.module+el8.4.0+14090+331e4860.2.ppc64le.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2022-23959
access	www.access.redhat.com/security/updates/classification/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-23959
varnish-cache	www.varnish-cache.org/security/VSV00008.html
cve	www.cve.org/CVERecord

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Feb 2022 12:20Current

8.5High risk

Vulners AI Score8.5

CVSS26.4

CVSS39.1

EPSS0.00268

CWE-444