Varnish Cache@3.0.3 Security Vulnerabilities and Issues — Varnish Cache@3.0.3 CVE List

Lucene search

Varnish Cache ProjectVarnish Cache3.0.3

3 matches found

CVE•added 2013/11/01 2:55 a.m.•55 views

CVE-2013-4484

Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.

5CVSS6.3AI score0.01461EPSS

CVE•added 2016/04/25 2:59 p.m.•53 views

CVE-2015-8852

Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP ...

7.5CVSS7.3AI score0.01221EPSS

CVE•added 2014/05/08 2:29 p.m.•42 views

CVE-2013-0345

varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information.

2.1CVSS5.6AI score0.00047EPSS