vulnerability
Red Hat: CVE-2022-23959: CVE-2022-23959 varnish: HTTP/1 request smuggling vulnerability (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Jan 26, 2022 | Feb 4, 2022 | Nov 27, 2024 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Jan 26, 2022
Added
Feb 4, 2022
Modified
Nov 27, 2024
Description
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Solution(s)
redhat-upgrade-varnishredhat-upgrade-varnish-develredhat-upgrade-varnish-docsredhat-upgrade-varnish-modulesredhat-upgrade-varnish-modules-debuginforedhat-upgrade-varnish-modules-debugsource
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.