Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0053: varnish:6 (ALINUX3-SA-2021:0053)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0053 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-36740: Varnish Cache, with HTTP/2 enabled,...

6.5CVSS6.9AI score0.01599EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.24 views

CentOS 9 : varnish-6.5.2-2.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the varnish-6.5.2-2.el9 build changelog. - HTTP/2 request smuggling attack via a large Content-Length header for a POST request CVE-2021-36740 Note that Nessus has not tested for this issue...

6.5CVSS6.8AI score0.01599EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.18 views

Rocky Linux 8 : varnish:6 (RLSA-2021:2988)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2988 advisory. - Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects...

6.5CVSS6.8AI score0.01599EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/28 12:0 a.m.27 views

openSUSE 15 Security Update : varnish (openSUSE-SU-2022:0148-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0148-1 advisory. - Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.23 views

Debian: Security Advisory (DSA-5088-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8AI score0.01973EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/03/04 12:0 a.m.72 views

Debian DSA-5088-1 : varnish - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5088 advisory. - Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affect...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References9
Debian
Debian
added 2022/03/03 7:50 p.m.37 views

[SECURITY] [DSA 5088-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5088-1 [email protected] https://www.debian.org/security/ Florian Weimer March 03, 2022 https://www.debian.org/security/faq -...

9.1CVSS8.5AI score0.01973EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/08/09 12:0 a.m.30 views

RHEL 7 : rh-varnish6-varnish (RHSA-2021:2993)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2993 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

6.5CVSS6.9AI score0.01599EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/09 12:0 a.m.26 views

RHEL 8 : varnish:6 (RHSA-2021:2988)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2988 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

6.5CVSS7AI score0.01599EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/08/03 9:25 a.m.64 views

Important: Red Hat Security Advisory: rh-varnish6-varnish security update

An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.5CVSS6.8AI score0.01599EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/03 12:0 a.m.51 views

Oracle Linux 8 : varnish:6 (ELSA-2021-2988)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2988 advisory. - Resolves: 1982861 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request varnish-modules...

6.5CVSS6.8AI score0.01599EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/08/02 5:26 p.m.56 views

Important: Red Hat Security Advisory: varnish:6 security update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.1 Extended Update Support, and Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

6.5CVSS6.9AI score0.01599EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2021/08/02 2:30 p.m.36 views

Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/2 request smuggling attack via a large Content-Length header for ...

6.4CVSS0.4AI score0.01599EPSS
Exploits0References1
OSV
OSV
added 2021/08/02 2:30 p.m.20 views

RLSA-2021:2988 Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/2 request smuggling attack via a large Content-Length header for ...

8.1CVSS6.7AI score0.01599EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2021/08/02 2:30 p.m.24 views

varnish:6 security update

An update is available for varnish, varnish-modules. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a high-performance HTTP accelerator. It...

6.5CVSS6.9AI score0.01599EPSS
Exploits0
Mageia
Mageia
added 2021/07/28 8:0 p.m.61 views

Updated varnish packages fix a security vulnerability

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8...

6.5CVSS2.7AI score0.01599EPSS
Exploits0References3
OSV
OSV
added 2021/07/28 8:0 p.m.2 views

MGASA-2021-0387 Updated varnish packages fix a security vulnerability

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8...

6.5CVSS6.7AI score0.01599EPSS
Exploits0References4
OSV
OSV
added 2021/07/14 5:15 p.m.31 views

CVE-2021-36740

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8...

6.5CVSS6.7AI score
Exploits0References7
CVE
CVE
added 2021/07/14 4:7 p.m.200 views

CVE-2021-36740

Varnish Cache, with HTTP/2 enabled, is vulnerable to request smuggling and VCL authorization bypass via a large Content-Length header in POST requests. Affected: Varnish Enterprise 6.0.x before 6.0.8r3; Varnish Cache 5.x and 6.x before 6.5.2; 6.6.x before 6.6.1; and 6.0 LTS before 6.0.8. Mitigati...

6.5CVSS6.5AI score0.01599EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2021/07/14 4:7 p.m.27 views

CVE-2021-36740

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8...

6.5CVSS6.7AI score0.01599EPSS
Exploits0
Rows per page
Query Builder