Bug 1205242 - (CVE-2022-45060) VUL-0: CVE-2022-45060: varnish: HTTP request forgery via character injection through HTTP/2 pseudo-headers
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Component: Security
Version: Leap 15.4
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Target Milestone: ---
Assigned To: Jan Engelhardt
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/347487/
Depends on:
Blocks:
Reported: 2022-11-09 14:04 UTC by Carlos López
Modified: 2022-11-11 21:01 UTC (History)
See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Carlos López 2022-11-09 14:04:22 UTC
CVE-2022-45060

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before
6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce
characters through HTTP/2 pseudo-headers that are invalid in the context of an
HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1
requests to the backend. This could, in turn, be used to exploit vulnerabilities
in a server behind the Varnish server. Note: the 6.0.x LTS series (before
6.0.11) is affected.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-45060
https://www.cve.org/CVERecord?id=CVE-2022-45060
https://docs.varnish-software.com/security/VSV00011
https://varnish-cache.org/security/VSV00011.html
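Added example, not part of this bug report and not Varnish source: a small Python model of the translation step the description refers to. `naive_h1_request` copies the :method, :path and :authority pseudo-headers byte for byte into an HTTP/1.1 request, which is the vulnerable pattern; `hardened_h1_request` first rejects whitespace and control bytes in those values. That check is an assumed policy modelled on the RFC 9113 field-validity rules (sections 8.2.1 and 8.3.1), not the actual upstream fix. `backend_view`, the host names `front.example` and `victim.internal`, and the forged :path are all constructed for the demonstration.

```python
"""Constructed illustration of the CVE-2022-45060 mechanism, not Varnish code.

An HTTP/2 front end rebuilds an HTTP/1.1 request line from the :method and
:path pseudo-headers. If it copies their bytes verbatim, a client can smuggle
whitespace or CR LF into the line and the backend parses something else.
"""
import re

# RFC 9112 request line: method = token; request-target carries no
# whitespace or control bytes; CR LF terminates the line.
TOKEN_RE = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
CTL_OR_WS_RE = re.compile(r"[\x00-\x20\x7f]")


class BadRequest(Exception):
    """Raised when a pseudo-header value must be rejected."""


def naive_h1_request(pseudo, headers):
    """Vulnerable pattern: trusts pseudo-header values byte for byte."""
    line = f"{pseudo[':method']} {pseudo[':path']} HTTP/1.1\r\n"
    host = f"host: {pseudo[':authority']}\r\n"
    rest = "".join(f"{k}: {v}\r\n" for k, v in headers)
    return line + host + rest + "\r\n"


def validate_pseudo(pseudo):
    """Assumed policy (modelled on RFC 9113 8.2.1/8.3.1, not the upstream
    patch): reject values that cannot sit in an HTTP/1 request line or Host."""
    if not TOKEN_RE.match(pseudo.get(":method", "")):
        raise BadRequest(":method is not a valid token")
    for name in (":path", ":authority", ":scheme"):
        if CTL_OR_WS_RE.search(pseudo.get(name, "")):
            raise BadRequest(f"{name} contains whitespace or a control byte")
    if not pseudo.get(":path"):
        raise BadRequest(":path is empty")


def hardened_h1_request(pseudo, headers):
    """Same translation, performed only after validation."""
    validate_pseudo(pseudo)
    return naive_h1_request(pseudo, headers)


def backend_view(raw):
    """Model of a lenient HTTP/1 backend: split the byte stream into
    header-only requests on blank lines; return (method, target, version,
    headers) per request. Two tuples from one client request means forgery."""
    requests = []
    for block in raw.split("\r\n\r\n"):
        if not block:
            continue
        lines = block.split("\r\n")
        parts = lines[0].split(" ")
        if len(parts) != 3:
            raise BadRequest(f"malformed request line: {lines[0]!r}")
        headers = {}
        for h in lines[1:]:
            name, _, value = h.partition(":")
            headers[name.strip().lower()] = value.strip()
        requests.append((parts[0], parts[1], parts[2], headers))
    return requests


# Constructed inputs (host names are placeholders): a normal request, and one
# whose :path smuggles a Host header and a second request line.
BENIGN = {":method": "GET", ":scheme": "https",
          ":authority": "front.example", ":path": "/index.html"}
FORGED = {**BENIGN,
          ":path": "/ HTTP/1.1\r\nhost: victim.internal\r\n\r\nGET /admin"}
EXTRA = [("user-agent", "demo")]


def forged_request_count():
    """Number of requests the backend sees when the front end is naive."""
    return len(backend_view(naive_h1_request(FORGED, EXTRA)))


def hardened_rejects_forgery():
    """True if the validating translator refuses the forged pseudo-headers."""
    try:
        hardened_h1_request(FORGED, EXTRA)
    except BadRequest:
        return True
    return False


if __name__ == "__main__":
    for req in backend_view(naive_h1_request(FORGED, EXTRA)):
        print(req)
    print("hardened rejects forgery:", hardened_rejects_forgery())
    print(hardened_h1_request(BENIGN, EXTRA).encode())
```

Run stand-alone, the naive path shows the backend receiving two requests from one HTTP/2 stream, the first addressed to `victim.internal`, while the hardened path raises `BadRequest` on the same input and passes the benign request through unchanged.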
Comment 2 OBSbugzilla Bot 2022-11-09 19:35:06 UTC
This is an autogenerated message for OBS integration:
This bug (1205242) was mentioned in
https://build.opensuse.org/request/show/1034900 Backports:SLE-15-SP4 / varnish
https://build.opensuse.org/request/show/1034901 Backports:SLE-15-SP5 / varnish
Comment 3 Swamp Workflow Management 2022-11-11 21:01:45 UTC
openSUSE-SU-2022:10198-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1205242,1205243
CVE References: CVE-2022-45059,CVE-2022-45060
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP4 (src):    varnish-7.2.1-bp154.2.9.1