8 matches found
varnish: HTTP/2 Broken Window Attack may result in denial of service
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...
varnish: HTTP/2 Broken Window Attack may result in denial of service
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...
varnish: HTTP/2 Broken Window Attack may result in denial of service
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...
The vulnerability of Varnish cache servers, related to the manipulation of requests on the server side, allows attackers to compromise the integrity of the protected information.
The vulnerability of the Varnish cache server relates to the manipulation of requests on the server side. Exploiting this vulnerability allows a malicious actor to affect the integrity of the protected information through a specially crafted HTTP request...
ROS-20240423-01
Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size. was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of servic...
varnish: HTTP/2 Broken Window Attack may result in denial of service
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...
CVE-2024-30156
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...
varnish: HTTP/1 request smuggling vulnerability
A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language VCL processing since the Varnish server treats it as an additional request...