SUSE CVE-2025-30346

🗓️ 22 Mar 2025 14:10:49Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

SUSE CVE-2025-30346 affects Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10, enabling desync.

Reporter	Title	Published	Views	Family All 39
FreeBSD	www/varnish7 -- client-side desync vulnerability	17 Dec 202400:00	–	freebsd
Circl	CVE-2025-30346	21 Mar 202507:19	–	circl
CNNVD	Varnish Cache和Varnish Enterprise 安全漏洞	21 Mar 202500:00	–	cnnvd
CVE	CVE-2025-30346	21 Mar 202500:00	–	cve
Cvelist	CVE-2025-30346	21 Mar 202500:00	–	cvelist
Debian	[SECURITY] [DLA 4101-1] varnish security update	31 Mar 202520:56	–	debian
Debian CVE	CVE-2025-30346	21 Mar 202500:00	–	debiancve
Tenable Nessus	Debian dla-4101 : libvarnishapi-dev - security update	1 Apr 202500:00	–	nessus
Tenable Nessus	Fedora 41 : varnish (2025-4453f596a8)	5 Apr 202500:00	–	nessus
Tenable Nessus	FreeBSD : www/varnish7 -- client-side desync vulnerability (26f6733d-06a9-11f0-ba0b-641c67a117d8)	23 Mar 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	libvarnishapi3	7.7.0-1.1	libvarnishapi3-7.7.0-1.1.noarch.rpm
OpenSUSE Leap	15.6	any	libvarnishapi3	7.7.1-bp156.2.3.1	libvarnishapi3-7.7.1-bp156.2.3.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	libvarnishapi3	7.7.1-bp156.2.3.1	libvarnishapi3-7.7.1-bp156.2.3.1.noarch.rpm
SUSE Linux Enterprise Server	15.7	any	libvarnishapi3	7.7.1-bp157.2.3.1	libvarnishapi3-7.7.1-bp157.2.3.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	libvinylapi3	9.0.0-1.1	libvinylapi3-9.0.0-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	varnish	7.7.0-1.1	varnish-7.7.0-1.1.noarch.rpm
OpenSUSE Leap	15.6	any	varnish	7.7.1-bp156.2.3.1	varnish-7.7.1-bp156.2.3.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	varnish	7.7.1-bp156.2.3.1	varnish-7.7.1-bp156.2.3.1.noarch.rpm
SUSE Linux Enterprise Server	15.7	any	varnish	7.7.1-bp157.2.3.1	varnish-7.7.1-bp157.2.3.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	varnish-devel	7.7.0-1.1	varnish-devel-7.7.0-1.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2025-30346
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1239892
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/4W2PDV3WT6MOJEDJ7A2X2U22B5IJIJ4U/

21 May 2026 02:41Current

7High risk

Vulners AI Score7

CVSS 3.14.8

EPSS0.00266

SUSE Varnish Cache Varnish Enterprise CVE 2025 30346 desync