pkg:Debian/varnish

All known vulnerabilities

• MEDIUM5.3CVE-2023-44487⚠ KEVnghttp2 - security update
  from 0
• CRITICAL9.8CVE-2026-34475Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of /…
  from 0
• CRITICAL9.8CVE-2009-4488Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window'…
  from 0
• CRITICAL9.1varnish - security update
  from 0, < 5.0.0-7+deb9u3
• CRITICAL9.1varnish - security update
  from 0, < 6.5.1-1+deb11u2
• CRITICAL9.1varnish - security update
  from 0, < 5.0.0-7+deb9u2
• CRITICAL9.1varnish - security update
  from 0, < 5.2.1-1
• HIGH7.5Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for cer…
  from 0
• HIGH7.5Pingora MadeYouReset HTTP/2 vulnerability
  from 0
• HIGH7.5Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaust…
  from 0
• HIGH7.5varnish - security update
  from 0, < 6.5.1-1+deb11u3
• HIGH7.5varnish - security update
  from 0, < 6.5.1-1+deb11u3
• HIGH7.5An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1.
  from 0, < 7.1.1-1.1
• HIGH7.5In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through for…
  from 0, < 7.1.1-1
• HIGH7.5varnish - security update
  from 0, < 6.1.1-1+deb10u4
• HIGH7.5varnish - security update
  from 0, < 6.4.0-1
• HIGH7.5An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1.
  from 0, < 6.4.0-1
• HIGH7.5Varnish HTTP cache before 3.0.4: ACL bug
  from 0, < 3.0.4-1
• HIGH7.5varnish - security update
  from 0, < 6.1.1-1+deb10u1
• HIGH7.5varnish - security update
  from 0, < 6.2.1-1
• HIGH7.5varnish - security update
  from 0, < 5.0.0-7.1
• HIGH7.5varnish - security update
  from 0, < 4.0.2-1+deb8u1
• HIGH7.5varnish - security update
  from 0, < 4.0.0-1
• HIGH7.5varnish - security update
  from 0, < 3.0.2-2+deb7u2
• MEDIUM6.5varnish - security update
  from 0, < 6.5.1-1+deb11u2
• MEDIUM6.5varnish - security update
  from 0, < 6.1.1-1+deb10u3
• MEDIUM5.4varnish - security update
  from 0, < 6.5.1-1+deb11u5
• MEDIUM5.4varnish - security update
  from 0, < 6.5.1-1+deb11u5
• MEDIUM4.8varnish - security update
  from 0, < 6.5.1-1+deb11u4
• MEDIUM4.8varnish - security update
  from 0, < 7.1.1-2+deb12u1
• MEDIUM4.8varnish - security update
  from 0, < 6.5.1-1+deb11u4
• —In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend req…
  from 0, < 7.7.0-3+deb13u1
• —varnish - denial of service
  from 0, < 2.1.3-8+deb6u1
• —varnish - denial of service
  from 0, < 3.0.5-1
• —The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before…
  from 0, < 2.1.0-2