Varnish Cache Project Varnish Cache 6.1.1

CPE Details

Varnish Cache Project Varnish Cache 6.1.1
varnish_cache_project
varnish_cache
6.1.1
2022-08-02
14h22 +00:00
2022-08-02
17h21 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:varnish_cache_project:varnish_cache:6.1.1:*:*:*:*:*:*:*

Informations

Vendor

varnish_cache_project

Product

varnish_cache

Version

6.1.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2025-30346 2025-03-21 00h00 +00:00 Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests.
5.4
Moyen
CVE-2023-44487 2023-10-10 00h00 +00:00 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
Haute
CVE-2021-36740 2021-07-14 14h07 +00:00 Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.
6.5
Moyen
CVE-2019-15892 2019-09-03 18h56 +00:00 An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
7.5
Haute