Уязвимость CVE-2025-47905

CVE-2025-47905

CVSS3: 5.4

ubuntu

около 1 месяца назад

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.

CVE-2025-47905

CVSS3: 8.1

redhat

около 1 месяца назад

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.

CVE-2025-47905

CVSS3: 5.4

debian

около 1 месяца назад

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterpris ...

GHSA-cvpp-rmjx-5x2m

CVSS3: 5.4

github

около 1 месяца назад

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.

ELSA-2025-8337

oracle-oval

17 дней назад

ELSA-2025-8337: varnish security update (IMPORTANT)

exploitDog

CVE-2025-47905

Описание

Ссылки

Дефекты

Связанные уязвимости

Дефекты