Varnish Cache Project Varnish Cache 6.5.2

CPE Details

Varnish Cache Project Varnish Cache 6.5.2
varnish_cache_project
varnish_cache
6.5.2
2022-08-02
14h22 +00:00
2022-08-02
17h21 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:varnish_cache_project:varnish_cache:6.5.2:*:*:*:*:*:*:*

Informations

Vendor

varnish_cache_project

Product

varnish_cache

Version

6.5.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-30346 2025-03-21 00h00 +00:00 Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests.
5.4
Medium
CVE-2023-44487 2023-10-10 00h00 +00:00 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
High
CVE-2021-36740 2021-07-14 14h07 +00:00 Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.
6.5
Medium