Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : rh-varnish6-varnish-6.0.8-2.el7.1 (AXSA:2022-3192:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3192:01 advisory. varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Tenable has extracted the preceding description block directly from the MiracleLinux security...

9.1CVSS7.7AI score0.01973EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: varnish:6 (TSSA-2022:0024)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0024 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.1CVSS6.5AI score0.05789EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.14 views

Fedora 36 : varnish (2022-d77f991ed2)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-d77f991ed2 advisory. Automatic update for varnish-7.0.2-1.fc36. Changelog Wed Jan 26 2022 Ingvar Hagelund - 7.0.2-1 - New upstream release. A security release - Includes fix for...

9.1CVSS7.6AI score0.01973EPSS
Exploits0References2
Amazon
Amazon
added 2022/08/23 12:0 a.m.32 views

Important: varnish

Issue Overview: A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language VCL processing since the Varnish server treats it as an...

9.1CVSS8.6AI score0.01973EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/28 12:0 a.m.27 views

openSUSE 15 Security Update : varnish (openSUSE-SU-2022:0148-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0148-1 advisory. - Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.24 views

RHEL 7 : rh-varnish6-varnish (RHSA-2022:4745)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4745 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

9.1CVSS7.6AI score0.01973EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/05/25 8:9 a.m.44 views

Important: Red Hat Security Advisory: rh-varnish6-varnish security update

An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.35 views

AlmaLinux 8 : varnish:6 (ALSA-2022:0418)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0418 advisory. varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

9.1CVSS7.6AI score0.01973EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.23 views

Debian: Security Advisory (DSA-5088-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8AI score0.01973EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/03/04 12:0 a.m.72 views

Debian DSA-5088-1 : varnish - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5088 advisory. - Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affect...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References9
Debian
Debian
added 2022/03/03 7:50 p.m.38 views

[SECURITY] [DSA 5088-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5088-1 [email protected] https://www.debian.org/security/ Florian Weimer March 03, 2022 https://www.debian.org/security/faq -...

9.1CVSS8.5AI score0.01973EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/02/23 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0079)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.4AI score0.01973EPSS
Exploits0References6
Mageia
Mageia
added 2022/02/22 8:15 p.m.51 views

Updated varnish packages fix security vulnerability

In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. CVE-2022-23959...

9.1CVSS7.1AI score0.01973EPSS
Exploits0References4
Debian
Debian
added 2022/02/14 12:33 a.m.32 views

[SECURITY] [DLA 2920-1] varnish security update

Debian LTS Advisory DLA-2920-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 14, 2022 https://wiki.debian.org/LTS Package : varnish Version : 5.0.0-7+deb9u3 CVE ID : CVE-2022-23959 Debian Bug : 1004433 James Kettle discovered that a request smuggling...

9.1CVSS7AI score0.01973EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.40 views

CentOS 8 : varnish:6 (CESA-2022:0418)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0418 advisory. - varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Note that Nessus has not tested for this issue but has instead relied only on the application's...

9.1CVSS7.5AI score0.01973EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/02/03 12:3 p.m.31 views

Important: Red Hat Security Advisory: varnish:6 security update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.1CVSS7.2AI score0.01973EPSS
Exploits0References2
OSV
OSV
added 2022/02/03 9:29 a.m.22 views

RLSA-2022:0418 Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 For more details...

9.1CVSS8.4AI score0.01973EPSS
Exploits0References2
OSV
OSV
added 2022/02/03 9:29 a.m.22 views

ALSA-2022:0418 Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 For more details...

9.1CVSS8.4AI score0.01973EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2022/02/03 12:0 a.m.29 views

varnish:6 security update

varnish 6.0.8-1.1 - Resolves: 2047648 - CVE-2022-23959 varnish:6/varnish: Varnish HTTP/1 Request Smuggling Vulnerability varnish-modules 0.15.0-6 - Related: 1982862 - rebuild for new varnish version...

9.1CVSS2.5AI score0.01973EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/03 12:0 a.m.29 views

RHEL 8 : varnish:6 (RHSA-2022:0421)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0421 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

9.1CVSS7.6AI score0.01973EPSS
Exploits0References4
Rows per page
Query Builder