540 matches found
PT-2026-32183
Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 9.0.1 Varnish Enterprise versions prior to 6.0.16r11 Description Varnish Cache and Varnish Enterprise are susceptible to a denial of service daemon panic due to a workspace overflow. This occurs when handling...
SUSE CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
A flaw was found in Varnish Cache and Varnish Enterprise. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 requests with a path of / in the URL. This mishandling of URLs, specifically in unchecked req.url scenarios, could lead to cache poisoning, where an...
Linux Distros Unpatched Vulnerability : CVE-2026-34475
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1,...
EUVD-2026-16801
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
DEBIAN-CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
UBUNTU-CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...
CVE-2026-34475
CVE-2026-34475 affects Varnish Cache (Open Source) ≤ 8.0.0 and Varnish Enterprise ≤ 6.0.16r11, where an unchecked req.url in HTTP/1.1 requests with a root path (/) can be passed to backends that accept absolute-form URIs, enabling cache poisoning or authentication bypass. The issue stems from how...
Varnish Cache 安全漏洞
Varnish Cache is a set of reverse website caching servers developed by the Varnish company. Versions of Varnish Cache prior to 8.0.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of certain unchecked req.url scenarios, which could lead to cache poisoning...
PT-2026-28633
Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 8.0.1 Varnish Enterprise versions prior to 6.0.16r12 Description The software may improperly handle URLs with a path of '/' for HTTP/1.1 in certain unchecked request URL scenarios. This could potentially lead to...
WordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin CLP Varnish Cache versions = 1.0.2...
CVE-2026-24525
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...
CVE-2026-24525
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...
CVE-2026-24525
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...