FreshPorts - VuXML

Varnish Cache Project reports:

A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large volume of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the session, causing the Varnish server to consume unnecessary resources processing requests for which the response will not be delivered.

< 7.4.2

< 6.6.3

Varnish Cache Project reports:

A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. Among the headers that can be filtered this way are both Content-Length and Host, making it possible for an attacker to both break the HTTP/1 protocol framing, and bypass request to host routing in VCL.

< 7.2.1

The Varnish Development Team reports:

A denial of service attack can be performed on Varnish Cacher servers that have the HTTP/2 protocol turned on. An attacker can let the servers HTTP/2 connection control flow window run out of credits indefinitely and prevent progress in the processing of streams, retaining the associated resources.

< 7.4.3

Varnish Cache Project reports:

A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This may in turn be used to successfully exploit vulnerabilities in a server behind the Varnish server.

< 7.2.1

le 6.6.2