Bugzilla – Bug 1188470
VUL-0: CVE-2021-36740: varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request
Last modified: 2022-05-27 10:22:30 UTC
rh#1982409 Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8. Reference: https://varnish-cache.org/security/VSV00007.html References: https://bugzilla.redhat.com/show_bug.cgi?id=1982409 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36740 https://github.com/varnishcache/varnish-cache/commit/9be22198e258d0e7a5c41f4291792214a29405cf https://github.com/varnishcache/varnish-cache/commit/82b0a629f60136e76112c6f2c6372cce77b683be http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36740 https://docs.varnish-software.com/security/VSV00007/ https://varnish-cache.org/security/VSV00007.html
This is an autogenerated message for OBS integration: This bug (1188470) was mentioned in https://build.opensuse.org/request/show/910486 Factory / varnish
This is an autogenerated message for OBS integration: This bug (1188470) was mentioned in https://build.opensuse.org/request/show/977602 Backports:SLE-15-SP3 / varnish
openSUSE-SU-2022:0148-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1181400,1188470,1195188 CVE References: CVE-2021-36740,CVE-2022-23959 JIRA References: Sources used: openSUSE Backports SLE-15-SP3 (src): varnish-7.1.0-bp153.2.3.1