TencentOS Server 4: varnish (TSSA-2025:0276)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0276 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Fedora: Security Advisory (FEDORA-2025-4453f596a8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : varnish (2025-4453f596a8)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-4453f596a8 advisory. Security: This update includes fix for VSV00015 aka CVE-2025-30346. Upstream considers this a low risk problem. For details, refer to...

Debian dla-4101 : libvarnishapi-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4101 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4101-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-4101-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4101-1] varnish security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4101-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2025 https://wiki.debian.org/LTS -...

SUSE CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests...

CVE-2025-30346

A flaw was found in Varnish Cache and Varnish Enterprise. This vulnerability allows client-side desynchronization via crafted HTTP/1 requests. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...

CVE-2025-30346

creationtimestamp| type| source ---|---|--- 2025-03-21 07:19:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8323 2025-03-21 10:07:39+00:00| seen| https://t.me/cvedetector/20795 2025-03-21 11:23:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkv3yffyyj2j 2025-04-02...

ALPINE-CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests...

CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests...

CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests...

CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests...

CVE-2025-30346

Varnish Cache and Varnish Enterprise are affected by CVE-2025-30346: a HTTP/1 client-side desync vulnerability that can be triggered by malformed HTTP/1 requests. Affected versions are Varnish Cache prior to 7.6.2 and Varnish Enterprise prior to 6.0.13r10. The vulnerability description in connect...