WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure

Razvan Stanga Varnish/Nginx Proxy Caching = 1.8.3 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted requests. id: CVE-2025-62126 info: name:...

ROOT-OS-DEBIAN-12-CVE-2024-30156 CVE-2024-30156 in rootio-varnish - Patched by Root

Root has patched CVE-2024-30156 in the rootio-varnish package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2023-44487 CVE-2023-44487 in rootio-nginx - Patched by Root

Root has patched CVE-2023-44487 in the rootio-nginx package for Root:Debian:12. Multiple fixed versions available...

[SECURITY] Fedora 44 Update: vmod-querystring-2.0.3-13.fc44

The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...

[SECURITY] Fedora 44 Update: varnish-modules-0.27.0-4.fc44

This is a collection of modules "vmods" extending Varnish VCL used for describing HTTP request/response policies with additional capabilities. This collection contains the following vmods: bodyaccess, header, saintmode, tcp, var, vsthrottle, xkey...

[SECURITY] Fedora 44 Update: varnish-8.0.2-1.fc44

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=E2=80=99t have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a significant speed up...

Fedora 44 : collectd / varnish / varnish-modules / vmod-querystring / vmod-uuid (2026-2148c0e80b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-2148c0e80b advisory. New upstream release varnish-8.0.2, a security release. Includes fix for VSV00019. Dependent packages are included in this update. Tenable has extracted the...

OESA-2026-2677 varnish security update

This is Varnish Cache, a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x,...

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

UBUNTU-CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

CVE-2026-50052

Affected products/versions: Vinyl Cache &lt; 9.0.1 and Varnish Cache

EUVD-2026-34066

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

Varnish Cache和Vinyl Cache 环境问题漏洞

Varnish Cache is a set of reverse website caching servers provided by the Varnish company. Vinyl Cache is a high-performance HTTP reverse proxy and web application caching acceleration platform offered by the Vinyl Cache company. Versions of Vinyl Cache prior to 9.0.1 and Varnish Cache prior to...

Linux Distros Unpatched Vulnerability : CVE-2026-50052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack...

[SECURITY] [DSA 6303-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6303-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2026 https://www.debian.org/security/faq -...

FreeBSD : Vinyl/Varnish -- HTTP/2 parsing deficiency (f0f4bb64-52c6-11f1-a1c0-0050569f0b83)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f0f4bb64-52c6-11f1-a1c0-0050569f0b83 advisory. Vinyl Development Team reports: A deficiency in HTTP/2 request parsing can be exploited to launch a...

SUSE CVE-2017-12425

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the...

Unity Linux 20.1070e Security Update: varnish (UTSA-2026-017377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017377 advisory. In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before...