vulnerability
FreeBSD: VID-B0C83E1A-8153-11EC-84F9-641C67A117D8 (CVE-2022-23959): varnish -- Request Smuggling Vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Jan 25, 2022 | Nov 4, 2022 | Nov 4, 2022 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Jan 25, 2022
Added
Nov 4, 2022
Modified
Nov 4, 2022
Description
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Solution(s)
freebsd-upgrade-package-varnish4freebsd-upgrade-package-varnish6
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.