varnish-software varnish_enterprise CVE Vulnerabilities (6)

CVEs: 6 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting varnish-software varnish_enterprise (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 16 of 6 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-40395 Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0() function from vmod_headerplus updates the underlying req0, which is normally the original read-only request from which req is derived (readable and writable from VCL). This is useful in the active VCL, after amending req, to prepare a refined req0 before switching to a different VCL with the return (vcl(<label>)) action. This is for example how the Varnis [email protected] 4.0 0.24% 2026-04-12 2026-06-17
CVE-2026-40394 Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is repurposed as stream zero. During the upgrade, a buffer allocation is made to reserve space to send frames to the client. This allocation would split the original workspace, and depending on the amount of p [email protected] 4.0 0.24% 2026-04-12 2026-06-17
CVE-2026-34475 Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass. [email protected] 5.4 0.20% 2026-03-27 2026-06-17
CVE-2025-30347 Varnish Enterprise before 6.0.13r13 allows remote attackers to obtain sensitive information via an out-of-bounds read for range requests on ephemeral MSE4 stevedore objects. [email protected] 4.0 0.30% 2025-03-21 2026-06-17
CVE-2025-30346 Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests. [email protected] 5.4 0.27% 2025-03-21 2026-06-17
CVE-2023-41104 libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use. [email protected] 6.5 0.49% 2023-08-23 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence