- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-201607-10 (Varnish: Multiple vulnerabilities)
Varnish fails to properly validate input from HTTP headers, and does not deny requests with multiple Content-Length headers.
Impact :
Remote attackers could conduct an HTTP response splitting attack, which may further enable them to conduct Cross-Site Scripting (XSS), Cache Poisoning, Defacement, and Page Hijacking.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top