Описание
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.
Релиз | Статус | Примечание |
---|---|---|
devel | not-affected | |
esm-apps/bionic | not-affected | code not present |
esm-apps/focal | not-affected | code not present |
esm-apps/jammy | ignored | changes too intrusive |
esm-apps/noble | ignored | changes too intrusive |
esm-apps/xenial | not-affected | code not present |
esm-infra-legacy/trusty | not-affected | code not present |
focal | not-affected | code not present |
jammy | ignored | changes too intrusive |
mantic | ignored | end of life, was needs-triage |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ...
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.
EPSS
7.5 High
CVSS3