| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-30156 | fixed | vulnerable (no DSA) | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ... |
| CVE-2023-44487 | fixed | vulnerable (no DSA) | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | The HTTP/2 protocol allows a denial of service (server resource consum ... |
| CVE-2022-45060 | fixed | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and ... |
| CVE-2022-23959 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 ... |
| CVE-2021-36740 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL a ... |
| CVE-2019-20637 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6 ... |
| Bug | Description |
|---|
| CVE-2022-45059 | An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x be ... |
| CVE-2022-38150 | In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cau ... |
| CVE-2020-11653 | An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6 ... |
| CVE-2019-15892 | An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x a ... |
| CVE-2017-12425 | An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1 ... |
| CVE-2017-8807 | vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cach ... |
| CVE-2015-8852 | Varnish 3.x before 3.0.7, when used in certain stacked installations, ... |
| CVE-2013-4484 | Varnish before 3.0.5 allows remote attackers to cause a denial of serv ... |
| CVE-2013-4090 | Varnish HTTP cache before 3.0.4: ACL bug |
| CVE-2013-0345 | varnish 3.0.3 uses world-readable permissions for the /var/log/varnish ... |
| CVE-2009-2936 | The Command Line Interface (aka Server CLI or administration interface ... |