Unity Linux 20.1070e Security Update: varnish (UTSA-2026-017377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017377 advisory. In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: varnish (UTSA-2026-005275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005275 advisory. Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests. Tenable has extracted the preceding description bloc...

MiracleLinux 9 : varnish-6.6.2-4.el9_3.1 (AXSA:2024-7663:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7663:01 advisory. varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : rh-varnish6-varnish-6.0.8-2.el7.1 (AXSA:2022-3192:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3192:01 advisory. varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : varnish-6.6.2-6.el9_6.1 (AXSA:2025-10495:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10495:01 advisory. varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. No...

ROS-20251215-7312

Vulnerability in varnish related to flaws in http request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden http request http request smuggling attack...

EUVD-2013-4349

Malware in sbrugna...

RockyLinux 10 : varnish (RLSA-2025:8550)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:8550 advisory. varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that...

EUVD-2024-51483

Malicious code in bioql PyPI...

Fedora: Security Advisory (FEDORA-2025-525d870026)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 10 : varnish (ELSA-2025-8550)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8550 advisory. 7.6.1-2.el100.1 - Resolves: RHEL-89691 - varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from...

Oracle Linux 9 : varnish (ELSA-2025-8337)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8337 advisory. 6.6.2-6.1 - Resolves: RHEL-89700 - varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from the...

RHEL 9 : varnish (RHSA-2025:8350)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8350 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

RHEL 9 : varnish (RHSA-2025:8351)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8351 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

Debian dla-4187 : libvarnishapi-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4187 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/...

Debian dsa-5918 : libvarnishapi-dev - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5918 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5918-1 [email protected] https://www.debian.org/security/ Moritz...

Debian dla-4101 : libvarnishapi-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4101 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4101-1 [email protected] https://www.debian.org/lts/security/...

USN-7372-1: Varnish vulnerability

Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use this issue to perform a cross-site request forgery CSRF attack...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Varnish vulnerability (USN-7372-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7372-1 advisory. Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use...

Ubuntu 16.04 ESM : Varnish vulnerability (USN-4824-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4824-1 advisory. It was discovered that Varnish incorrectly handled certain inputs. A remote attacker could possibly use this issue to obtain sensitive information. Tenable has...