30 matches found
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
FreeBSD : varnish -- HTTP/2 Request Forgery Vulnerability (5b8d8dee-6088-11ed-8c5e-641c67a117d8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5b8d8dee-6088-11ed-8c5e-641c67a117d8 advisory. - Varnish Cache Project reports: A request forgery attack can be performed on Varnish Cache servers tha...
Varnish Cache 安全漏洞
Varnish Cache is a set of reverse web caching servers. A security vulnerability exists in Varnish Cache version 5.x, version 6.x up to and including version 6.0.11, version 7.x up to and including version 7.1.2, and version 7.2.x up to and including version 7.2.1. An attacker exploits this...
CVE-2022-45060
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...
CVE-2022-45060
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...
PT-2022-7316
Name of the Vulnerable Software and Affected Versions Varnish Cache versions 5.x through 6.0.10 Varnish Cache versions 7.x through 7.1.1 Varnish Cache versions 7.2.x through 7.2.0 Description An HTTP Request Forgery issue was discovered in Varnish Cache, where an attacker may introduce characters...
varnish -- HTTP/2 Request Forgery Vulnerability
Varnish Cache Project reports: A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server t...