diff options
| author | Danilo G. Baio <dbaio@FreeBSD.org> | 2022-11-10 00:05:15 +0000 |
|---|---|---|
| committer | Danilo G. Baio <dbaio@FreeBSD.org> | 2022-11-10 00:07:24 +0000 |
| commit | 124a5223606f87270427c51b20a1b5f03aa16c06 (patch) | |
| tree | e12747db88aa0de66ef972af91b03bfd40261148 | |
| parent | 267b689871d6295cee2886e8a3bdf69dc856ef0d (diff) | |
| download | ports-124a5223606f87270427c51b20a1b5f03aa16c06.tar.gz ports-124a5223606f87270427c51b20a1b5f03aa16c06.zip | |
security/vuxml: Add varnish cache security issues
| -rw-r--r-- | security/vuxml/vuln-2022.xml | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 6a6c7dd6e0b4..c5b6d57fd73f 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,68 @@ + <vuln vid="5b8d8dee-6088-11ed-8c5e-641c67a117d8"> + <topic>varnish -- HTTP/2 Request Forgery Vulnerability</topic> + <affects> + <package> + <name>varnish7</name> + <range><lt>7.2.1</lt></range> + </package> + <package> + <name>varnish6</name> + <range><le>6.6.2</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Varnish Cache Project reports:</p> + <blockquote cite="https://varnish-cache.org/security/VSV00011.html"> + <p>A request forgery attack can be performed on Varnish Cache servers that + have the HTTP/2 protocol turned on. An attacker may introduce + characters through the HTTP/2 pseudo-headers that are invalid in the + context of an HTTP/1 request line, causing the Varnish server to + produce invalid HTTP/1 requests to the backend. This may in turn be + used to successfully exploit vulnerabilities in a server behind the + Varnish server.</p> + </blockquote> + </body> + </description> + <references> + <url>https://varnish-cache.org/security/VSV00011.html</url> + </references> + <dates> + <discovery>2022-11-08</discovery> + <entry>2022-11-09</entry> + </dates> + </vuln> + + <vuln vid="b10d1afa-6087-11ed-8c5e-641c67a117d8"> + <topic>varnish -- Request Smuggling Vulnerability</topic> + <affects> + <package> + <name>varnish7</name> + <range><lt>7.2.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Varnish Cache Project reports:</p> + <blockquote cite="https://varnish-cache.org/security/VSV00010.html"> + <p>A request smuggling attack can be performed on Varnish Cache servers by + requesting that certain headers are made hop-by-hop, preventing the + Varnish Cache servers from forwarding critical headers to the backend. + Among the headers that can be filtered this way are both Content-Length + and Host, making it possible for an attacker to both break the HTTP/1 + protocol framing, and bypass request to host routing in VCL.</p> + </blockquote> + </body> + </description> + <references> + <url>https://varnish-cache.org/security/VSV00010.html</url> + </references> + <dates> + <discovery>2022-11-08</discovery> + <entry>2022-11-09</entry> + </dates> + </vuln> + <vuln vid="6b04476f-601c-11ed-92ce-3065ec8fd3ec"> <topic>chromium -- multiple vulnerabilities</topic> <affects> |