CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-45059

An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.2%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2022-45059

Varnish Cache Project » Varnish Cache » Version: 7.0.0

cpe:2.3:a:varnish_cache_project:varnish_cache:7.0.0
Varnish Cache Project » Varnish Cache » Version: 7.0.1

cpe:2.3:a:varnish_cache_project:varnish_cache:7.0.1
Varnish Cache Project » Varnish Cache » Version: 7.0.2

cpe:2.3:a:varnish_cache_project:varnish_cache:7.0.2
Varnish Cache Project » Varnish Cache » Version: 7.0.3

cpe:2.3:a:varnish_cache_project:varnish_cache:7.0.3
Varnish Cache Project » Varnish Cache » Version: 7.1.0

cpe:2.3:a:varnish_cache_project:varnish_cache:7.1.0
Varnish Cache Project » Varnish Cache » Version: 7.1.1

cpe:2.3:a:varnish_cache_project:varnish_cache:7.1.1
Varnish Cache Project » Varnish Cache » Version: 7.2.0

cpe:2.3:a:varnish_cache_project:varnish_cache:7.2.0
Fedoraproject » Fedora » Version: 35

cpe:2.3:o:fedoraproject:fedora:35
Fedoraproject » Fedora » Version: 36

cpe:2.3:o:fedoraproject:fedora:36
Fedoraproject » Fedora » Version: 37

cpe:2.3:o:fedoraproject:fedora:37

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-45059

Products

Pricing

Contact Us