24 matches found
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.
...
varnish:6 security update
An update is available for module.varnish-modules, varnish-modules, module.varnish, varnish. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a...
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never applicable...
varnish security update
varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...
varnish security update
varnish 6.0.8-3.1 - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 varnish-modules...
Fedora: Security Advisory for varnish-modules (FEDORA-2022-0d5dcc031e)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for varnish-modules (FEDORA-2022-99702d9bdd)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
new packages: varnish-modules
An update is available for varnish-modules. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
[SECURITY] Fedora 35 Update: varnish-modules-0.18.0-5.fc35
This is a collection of modules "vmods" extending Varnish VCL used for describing HTTP request/response policies with additional capabilities. This collection contains the following vmods: bodyaccess, header, saintmode, tcp, var, vsthrottle, xkey...
Fedora: Security Advisory for varnish-modules (FEDORA-2022-2f14ec7663)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
varnish:6 security update
An update is available for varnish, varnish-modules. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a high-performance HTTP accelerator. It...
varnish:6 security update
varnish 6.0.8-1.1 - Resolves: 2047648 - CVE-2022-23959 varnish:6/varnish: Varnish HTTP/1 Request Smuggling Vulnerability varnish-modules 0.15.0-6 - Related: 1982862 - rebuild for new varnish version...
6 bug fix and enhancement update
An update is available for varnish, varnish-modules. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
Fedora: Security Advisory for varnish-modules (FEDORA-2021-cf7585f0ca)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Denial of Service in varnish-modules version 0.18.0
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-28543. Reason: This candidate is a duplicate of CVE-2021-28543. Notes: All CVE users should reference CVE-2021-28543 instead of this candidate...
GSD-2021-1000006 Denial of Service in varnish-modules version 0.18.0
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-28543. Reason: This candidate is a duplicate of CVE-2021-28543. Notes: All CVE users should reference CVE-2021-28543 instead of this candidate...
[SECURITY] Fedora 34 Update: varnish-modules-0.17.1-1.fc34
This is a collection of modules "vmods" extending Varnish VCL used for describing HTTP request/response policies with additional capabilities. This collection contains the following vmods: bodyaccess, header, saintmode, tcp, var, vsthrottle, xkey...
CVE-2021-28543
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...
CVE-2021-28543
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...
Null pointer dereference
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...