8 matches found
openSUSE: Security Advisory for varnish (openSUSE-SU-2022:10104-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 35 : varnish (2022-99c5ddb2ae)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-99c5ddb2ae advisory. This is a security update adding fixes for the following issues VSV00009 aka CVE-2022-38150: Denial of service VSV00010 aka CVE-2022-45059: Request...
Fedora: Security Advisory for varnish (FEDORA-2022-99c5ddb2ae)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : varnish (openSUSE-SU-2022:10104-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10104-1 advisory. - In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged...
OPENSUSE-SU-2022:10104-1 Security update for varnish
This update for varnish fixes the following issues: Update to release 7.1.1: - CVE-2022-38150: Resolve a denial of service attack involving reason phrases boo1202350...
CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...
CVE-2022-38150
CVE-2022-38150 affects Varnish Cache 7.0.0–7.0.2 and 7.1.0. A crafted reason phrase in the backend response can cause the Varnish server to assert and automatically restart. The issue is mitigated by upgrading to Varnish 7.0.3 or 7.1.1, which include the fix. Several open-source advisories (openS...
CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...