Lucene search
+L

540 matches found

Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.7 views

PT-2026-32183

Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 9.0.1 Varnish Enterprise versions prior to 6.0.16r11 Description Varnish Cache and Varnish Enterprise are susceptible to a denial of service daemon panic due to a workspace overflow. This occurs when handling...

4CVSS6.1AI score0.00236EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/02 11:26 p.m.8 views

SUSE CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.8AI score0.00202EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/30 10:54 a.m.11 views

CVE-2026-34475

A flaw was found in Varnish Cache and Varnish Enterprise. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 requests with a path of / in the URL. This mishandling of URLs, specifically in unchecked req.url scenarios, could lead to cache poisoning, where an...

5.4CVSS5.9AI score0.00202EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1,...

9.8CVSS5.8AI score0.00202EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/27 9:31 p.m.9 views

EUVD-2026-16801

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.9AI score0.00202EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 8:16 p.m.4 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

9.8CVSS0.00202EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 8:16 p.m.13 views

DEBIAN-CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

9.8CVSS5.3AI score0.00202EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/27 8:16 p.m.5 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

9.8CVSS5.9AI score0.00202EPSS
Exploits1References2
OSV
OSV
added 2026/03/27 8:16 p.m.12 views

UBUNTU-CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

9.8CVSS5.8AI score0.00202EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:40 p.m.3 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.9AI score0.00202EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 7:40 p.m.5 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.9AI score0.00202EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/27 7:40 p.m.32 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS0.00202EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/27 7:40 p.m.4 views

CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

9.8CVSS5.3AI score0.00202EPSS
Exploits1
CVE
CVE
added 2026/03/27 7:40 p.m.27 views

CVE-2026-34475

CVE-2026-34475 affects Varnish Cache (Open Source) ≤ 8.0.0 and Varnish Enterprise ≤ 6.0.16r11, where an unchecked req.url in HTTP/1.1 requests with a root path (/) can be passed to backends that accept absolute-form URIs, enabling cache poisoning or authentication bypass. The issue stems from how...

9.8CVSS5.9AI score0.00202EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

Varnish Cache 安全漏洞

Varnish Cache is a set of reverse website caching servers developed by the Varnish company. Versions of Varnish Cache prior to 8.0.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of certain unchecked req.url scenarios, which could lead to cache poisoning...

9.8CVSS5.8AI score0.00202EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.9 views

PT-2026-28633

Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 8.0.1 Varnish Enterprise versions prior to 6.0.16r12 Description The software may improperly handle URLs with a path of '/' for HTTP/1.1 in certain unchecked request URL scenarios. This could potentially lead to...

9.8CVSS5.9AI score0.00202EPSS
Exploits1References12
Patchstack
Patchstack
added 2026/01/26 1:2 p.m.10 views

WordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin CLP Varnish Cache versions = 1.0.2...

5.3CVSS5.9AI score0.00342EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.6 views

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

5.3CVSS5.4AI score0.00342EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.6 views

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

5.3CVSS0.00342EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

5.3CVSS5.9AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder