Varnish Cache@* Security Vulnerabilities and Issues — Varnish Cache@* CVE List

Lucene search

Varnish Cache ProjectVarnish Cache*

3 matches found

CVE•added 2023/10/10 2:15 p.m.•4762 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94422EPSS

In wildWeb

CVE•added 2025/03/21 7:15 a.m.•60 views

CVE-2025-30346

Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests.

5.4CVSS7.1AI score0.00059EPSS

CVE•added 2020/02/12 4:15 p.m.•43 views

CVE-2013-4090

Varnish HTTP cache before 3.0.4: ACL bug

7.5CVSS7.5AI score0.00351EPSS