Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/varnish@4.0.2-1
Typedeb
Namespacedebian
Namevarnish
Version4.0.2-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.7.3-2
Latest_non_vulnerable_version7.7.3-2
Affected_by_vulnerabilities
0
url VCID-4fbk-5fwk-efbd
vulnerability_id VCID-4fbk-5fwk-efbd
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8807.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8807.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8807
reference_id
reference_type
scores
0
value 0.01307
scoring_system epss
scoring_elements 0.79808
published_at 2026-04-21T12:55:00Z
1
value 0.01307
scoring_system epss
scoring_elements 0.79799
published_at 2026-04-11T12:55:00Z
2
value 0.01307
scoring_system epss
scoring_elements 0.79783
published_at 2026-04-12T12:55:00Z
3
value 0.01307
scoring_system epss
scoring_elements 0.79776
published_at 2026-04-13T12:55:00Z
4
value 0.01307
scoring_system epss
scoring_elements 0.79803
published_at 2026-04-16T12:55:00Z
5
value 0.01307
scoring_system epss
scoring_elements 0.79805
published_at 2026-04-18T12:55:00Z
6
value 0.01748
scoring_system epss
scoring_elements 0.825
published_at 2026-04-07T12:55:00Z
7
value 0.01748
scoring_system epss
scoring_elements 0.82527
published_at 2026-04-08T12:55:00Z
8
value 0.01748
scoring_system epss
scoring_elements 0.82534
published_at 2026-04-09T12:55:00Z
9
value 0.01748
scoring_system epss
scoring_elements 0.82472
published_at 2026-04-01T12:55:00Z
10
value 0.01748
scoring_system epss
scoring_elements 0.82486
published_at 2026-04-02T12:55:00Z
11
value 0.01748
scoring_system epss
scoring_elements 0.82503
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8807
2
reference_url https://bugs.debian.org/881808
reference_id
reference_type
scores
url https://bugs.debian.org/881808
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8807
4
reference_url https://github.com/varnishcache/varnish-cache/commit/176f8a075a963ffbfa56f1c460c15f6a1a6af5a7
reference_id
reference_type
scores
url https://github.com/varnishcache/varnish-cache/commit/176f8a075a963ffbfa56f1c460c15f6a1a6af5a7
5
reference_url https://github.com/varnishcache/varnish-cache/pull/2429
reference_id
reference_type
scores
url https://github.com/varnishcache/varnish-cache/pull/2429
6
reference_url https://www.debian.org/security/2017/dsa-4034
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-4034
7
reference_url http://varnish-cache.org/security/VSV00002.html
reference_id
reference_type
scores
url http://varnish-cache.org/security/VSV00002.html
8
reference_url http://www.securityfocus.com/bid/101886
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101886
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1513523
reference_id 1513523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1513523
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881808
reference_id 881808
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881808
11
reference_url https://security.archlinux.org/ASA-201711-29
reference_id ASA-201711-29
reference_type
scores
url https://security.archlinux.org/ASA-201711-29
12
reference_url https://security.archlinux.org/AVG-502
reference_id AVG-502
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-502
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish-cache:varnish:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-8807
reference_id CVE-2017-8807
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-8807
17
reference_url https://usn.ubuntu.com/USN-4824-1/
reference_id USN-USN-4824-1
reference_type
scores
url https://usn.ubuntu.com/USN-4824-1/
fixed_packages
0
url pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
purl pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@5.0.0-7%252Bdeb9u2
1
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
aliases CVE-2017-8807
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fbk-5fwk-efbd
1
url VCID-hery-ps62-9kf5
vulnerability_id VCID-hery-ps62-9kf5
summary varnish: denial of service handling certain crafted HTTP/1 requests
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00069.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00069.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00089.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00089.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15892.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15892.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15892
reference_id
reference_type
scores
0
value 0.05554
scoring_system epss
scoring_elements 0.90232
published_at 2026-04-01T12:55:00Z
1
value 0.05554
scoring_system epss
scoring_elements 0.90289
published_at 2026-04-21T12:55:00Z
2
value 0.05554
scoring_system epss
scoring_elements 0.90276
published_at 2026-04-13T12:55:00Z
3
value 0.05554
scoring_system epss
scoring_elements 0.90292
published_at 2026-04-18T12:55:00Z
4
value 0.05554
scoring_system epss
scoring_elements 0.90234
published_at 2026-04-02T12:55:00Z
5
value 0.05554
scoring_system epss
scoring_elements 0.90247
published_at 2026-04-04T12:55:00Z
6
value 0.05554
scoring_system epss
scoring_elements 0.90252
published_at 2026-04-07T12:55:00Z
7
value 0.05554
scoring_system epss
scoring_elements 0.90267
published_at 2026-04-08T12:55:00Z
8
value 0.05554
scoring_system epss
scoring_elements 0.90274
published_at 2026-04-09T12:55:00Z
9
value 0.05554
scoring_system epss
scoring_elements 0.90283
published_at 2026-04-11T12:55:00Z
10
value 0.05554
scoring_system epss
scoring_elements 0.90282
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15892
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15892
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15892
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3OEOCYRU43TWEU2C65F3D6GK64MSWNNK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3OEOCYRU43TWEU2C65F3D6GK64MSWNNK/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DBAQF6UDRSTURGINIMSMLJR4PTDYWA7C/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DBAQF6UDRSTURGINIMSMLJR4PTDYWA7C/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSF54TDJWJLINIFEW5V5BKDNY5EQRR3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSF54TDJWJLINIFEW5V5BKDNY5EQRR3/
8
reference_url https://seclists.org/bugtraq/2019/Sep/5
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Sep/5
9
reference_url https://varnish-cache.org/security/VSV00003.html
reference_id
reference_type
scores
url https://varnish-cache.org/security/VSV00003.html
10
reference_url https://www.debian.org/security/2019/dsa-4514
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4514
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1756079
reference_id 1756079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1756079
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939333
reference_id 939333
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939333
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-15892
reference_id CVE-2019-15892
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-15892
17
reference_url https://access.redhat.com/errata/RHSA-2020:4756
reference_id RHSA-2020:4756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4756
fixed_packages
0
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
1
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2019-15892
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hery-ps62-9kf5
2
url VCID-hpb7-1n1t-n3em
vulnerability_id VCID-hpb7-1n1t-n3em
summary varnish: Request Forgery Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45060.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45060.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45060
reference_id
reference_type
scores
0
value 0.00952
scoring_system epss
scoring_elements 0.76339
published_at 2026-04-02T12:55:00Z
1
value 0.00952
scoring_system epss
scoring_elements 0.76424
published_at 2026-04-21T12:55:00Z
2
value 0.00952
scoring_system epss
scoring_elements 0.76369
published_at 2026-04-04T12:55:00Z
3
value 0.00952
scoring_system epss
scoring_elements 0.76349
published_at 2026-04-07T12:55:00Z
4
value 0.00952
scoring_system epss
scoring_elements 0.76381
published_at 2026-04-08T12:55:00Z
5
value 0.00952
scoring_system epss
scoring_elements 0.76395
published_at 2026-04-09T12:55:00Z
6
value 0.00952
scoring_system epss
scoring_elements 0.7642
published_at 2026-04-11T12:55:00Z
7
value 0.00952
scoring_system epss
scoring_elements 0.76398
published_at 2026-04-12T12:55:00Z
8
value 0.00952
scoring_system epss
scoring_elements 0.76393
published_at 2026-04-13T12:55:00Z
9
value 0.00952
scoring_system epss
scoring_elements 0.76433
published_at 2026-04-16T12:55:00Z
10
value 0.00952
scoring_system epss
scoring_elements 0.76439
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45060
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45060
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023751
reference_id 1023751
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023751
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141844
reference_id 2141844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141844
5
reference_url https://www.debian.org/security/2023/dsa-5334
reference_id dsa-5334
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://www.debian.org/security/2023/dsa-5334
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5/
reference_id G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I/
reference_id M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I/
8
reference_url https://access.redhat.com/errata/RHSA-2022:8643
reference_id RHSA-2022:8643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8643
9
reference_url https://access.redhat.com/errata/RHSA-2022:8644
reference_id RHSA-2022:8644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8644
10
reference_url https://access.redhat.com/errata/RHSA-2022:8645
reference_id RHSA-2022:8645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8645
11
reference_url https://access.redhat.com/errata/RHSA-2022:8646
reference_id RHSA-2022:8646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8646
12
reference_url https://access.redhat.com/errata/RHSA-2022:8647
reference_id RHSA-2022:8647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8647
13
reference_url https://access.redhat.com/errata/RHSA-2022:8649
reference_id RHSA-2022:8649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8649
14
reference_url https://access.redhat.com/errata/RHSA-2022:8650
reference_id RHSA-2022:8650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8650
15
reference_url https://access.redhat.com/errata/RHSA-2023:0673
reference_id RHSA-2023:0673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0673
16
reference_url https://usn.ubuntu.com/7372-1/
reference_id USN-7372-1
reference_type
scores
url https://usn.ubuntu.com/7372-1/
17
reference_url https://docs.varnish-software.com/security/VSV00011
reference_id VSV00011
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://docs.varnish-software.com/security/VSV00011
18
reference_url https://varnish-cache.org/security/VSV00011.html
reference_id VSV00011.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://varnish-cache.org/security/VSV00011.html
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU/
reference_id XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:28:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU/
fixed_packages
0
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2022-45060, VSV00011
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpb7-1n1t-n3em
3
url VCID-j1qj-kj7k-v7fx
vulnerability_id VCID-j1qj-kj7k-v7fx
summary varnish: request smuggling attacks
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47905.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-47905
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.5241
published_at 2026-04-02T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52499
published_at 2026-04-21T12:55:00Z
2
value 0.0029
scoring_system epss
scoring_elements 0.52468
published_at 2026-04-13T12:55:00Z
3
value 0.0029
scoring_system epss
scoring_elements 0.52508
published_at 2026-04-16T12:55:00Z
4
value 0.0029
scoring_system epss
scoring_elements 0.52514
published_at 2026-04-18T12:55:00Z
5
value 0.0029
scoring_system epss
scoring_elements 0.52438
published_at 2026-04-04T12:55:00Z
6
value 0.0029
scoring_system epss
scoring_elements 0.52402
published_at 2026-04-07T12:55:00Z
7
value 0.0029
scoring_system epss
scoring_elements 0.52455
published_at 2026-04-08T12:55:00Z
8
value 0.0029
scoring_system epss
scoring_elements 0.52449
published_at 2026-04-09T12:55:00Z
9
value 0.0029
scoring_system epss
scoring_elements 0.52501
published_at 2026-04-11T12:55:00Z
10
value 0.0029
scoring_system epss
scoring_elements 0.52485
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-47905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47905
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2364235
reference_id 2364235
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2364235
4
reference_url https://security.archlinux.org/ASA-202505-13
reference_id ASA-202505-13
reference_type
scores
url https://security.archlinux.org/ASA-202505-13
5
reference_url https://security.archlinux.org/AVG-2879
reference_id AVG-2879
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2879
6
reference_url https://access.redhat.com/errata/RHSA-2025:8294
reference_id RHSA-2025:8294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8294
7
reference_url https://access.redhat.com/errata/RHSA-2025:8310
reference_id RHSA-2025:8310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8310
8
reference_url https://access.redhat.com/errata/RHSA-2025:8336
reference_id RHSA-2025:8336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8336
9
reference_url https://access.redhat.com/errata/RHSA-2025:8337
reference_id RHSA-2025:8337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8337
10
reference_url https://access.redhat.com/errata/RHSA-2025:8339
reference_id RHSA-2025:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8339
11
reference_url https://access.redhat.com/errata/RHSA-2025:8340
reference_id RHSA-2025:8340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8340
12
reference_url https://access.redhat.com/errata/RHSA-2025:8349
reference_id RHSA-2025:8349
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8349
13
reference_url https://access.redhat.com/errata/RHSA-2025:8350
reference_id RHSA-2025:8350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8350
14
reference_url https://access.redhat.com/errata/RHSA-2025:8351
reference_id RHSA-2025:8351
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8351
15
reference_url https://access.redhat.com/errata/RHSA-2025:8550
reference_id RHSA-2025:8550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8550
16
reference_url https://varnish-cache.org/security/VSV00016.html
reference_id VSV00016.html
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:15:16Z/
url https://varnish-cache.org/security/VSV00016.html
fixed_packages
0
url pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1
purl pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@7.1.1-2%252Bdeb12u1
aliases CVE-2025-47905, VSV00016
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1qj-kj7k-v7fx
4
url VCID-mbcb-cn8g-zfgw
vulnerability_id VCID-mbcb-cn8g-zfgw
summary varnish: HTTP/1 request smuggling vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23959.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23959
reference_id
reference_type
scores
0
value 0.00346
scoring_system epss
scoring_elements 0.57151
published_at 2026-04-02T12:55:00Z
1
value 0.00346
scoring_system epss
scoring_elements 0.57174
published_at 2026-04-04T12:55:00Z
2
value 0.00346
scoring_system epss
scoring_elements 0.57152
published_at 2026-04-07T12:55:00Z
3
value 0.00346
scoring_system epss
scoring_elements 0.57203
published_at 2026-04-08T12:55:00Z
4
value 0.00346
scoring_system epss
scoring_elements 0.57205
published_at 2026-04-16T12:55:00Z
5
value 0.00346
scoring_system epss
scoring_elements 0.57217
published_at 2026-04-11T12:55:00Z
6
value 0.00346
scoring_system epss
scoring_elements 0.57198
published_at 2026-04-12T12:55:00Z
7
value 0.00346
scoring_system epss
scoring_elements 0.57178
published_at 2026-04-13T12:55:00Z
8
value 0.00346
scoring_system epss
scoring_elements 0.57202
published_at 2026-04-18T12:55:00Z
9
value 0.00346
scoring_system epss
scoring_elements 0.57182
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36740
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004433
reference_id 1004433
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004433
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2045031
reference_id 2045031
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2045031
7
reference_url https://access.redhat.com/errata/RHSA-2022:0418
reference_id RHSA-2022:0418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0418
8
reference_url https://access.redhat.com/errata/RHSA-2022:0420
reference_id RHSA-2022:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0420
9
reference_url https://access.redhat.com/errata/RHSA-2022:0421
reference_id RHSA-2022:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0421
10
reference_url https://access.redhat.com/errata/RHSA-2022:0422
reference_id RHSA-2022:0422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0422
11
reference_url https://access.redhat.com/errata/RHSA-2022:4745
reference_id RHSA-2022:4745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4745
12
reference_url https://usn.ubuntu.com/5474-1/
reference_id USN-5474-1
reference_type
scores
url https://usn.ubuntu.com/5474-1/
fixed_packages
0
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
1
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2022-23959
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbcb-cn8g-zfgw
5
url VCID-pww8-5fsd-1kcz
vulnerability_id VCID-pww8-5fsd-1kcz
summary varnish: Client-Side Desynchronization in Varnish Cache
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30346.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30346.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-30346
reference_id
reference_type
scores
0
value 0.00168
scoring_system epss
scoring_elements 0.38043
published_at 2026-04-02T12:55:00Z
1
value 0.00168
scoring_system epss
scoring_elements 0.37927
published_at 2026-04-21T12:55:00Z
2
value 0.00168
scoring_system epss
scoring_elements 0.37964
published_at 2026-04-13T12:55:00Z
3
value 0.00168
scoring_system epss
scoring_elements 0.38009
published_at 2026-04-16T12:55:00Z
4
value 0.00168
scoring_system epss
scoring_elements 0.38067
published_at 2026-04-04T12:55:00Z
5
value 0.00168
scoring_system epss
scoring_elements 0.37947
published_at 2026-04-07T12:55:00Z
6
value 0.00168
scoring_system epss
scoring_elements 0.37998
published_at 2026-04-08T12:55:00Z
7
value 0.00168
scoring_system epss
scoring_elements 0.38008
published_at 2026-04-09T12:55:00Z
8
value 0.00168
scoring_system epss
scoring_elements 0.38025
published_at 2026-04-11T12:55:00Z
9
value 0.00168
scoring_system epss
scoring_elements 0.37989
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-30346
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30346
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2354008
reference_id 2354008
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2354008
4
reference_url https://varnish-cache.org/security/VSV00015.html
reference_id VSV00015.html
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:00:05Z/
url https://varnish-cache.org/security/VSV00015.html
fixed_packages
0
url pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1
purl pkg:deb/debian/varnish@7.1.1-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@7.1.1-2%252Bdeb12u1
aliases CVE-2025-30346, VSV00015
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pww8-5fsd-1kcz
6
url VCID-r7t1-a958-d7dg
vulnerability_id VCID-r7t1-a958-d7dg
summary varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36740.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36740
reference_id
reference_type
scores
0
value 0.00708
scoring_system epss
scoring_elements 0.72142
published_at 2026-04-01T12:55:00Z
1
value 0.00708
scoring_system epss
scoring_elements 0.72224
published_at 2026-04-21T12:55:00Z
2
value 0.00708
scoring_system epss
scoring_elements 0.72228
published_at 2026-04-16T12:55:00Z
3
value 0.00708
scoring_system epss
scoring_elements 0.72238
published_at 2026-04-18T12:55:00Z
4
value 0.00708
scoring_system epss
scoring_elements 0.72147
published_at 2026-04-02T12:55:00Z
5
value 0.00708
scoring_system epss
scoring_elements 0.72167
published_at 2026-04-04T12:55:00Z
6
value 0.00708
scoring_system epss
scoring_elements 0.72145
published_at 2026-04-07T12:55:00Z
7
value 0.00708
scoring_system epss
scoring_elements 0.72182
published_at 2026-04-08T12:55:00Z
8
value 0.00708
scoring_system epss
scoring_elements 0.72194
published_at 2026-04-09T12:55:00Z
9
value 0.00708
scoring_system epss
scoring_elements 0.72216
published_at 2026-04-11T12:55:00Z
10
value 0.00708
scoring_system epss
scoring_elements 0.722
published_at 2026-04-12T12:55:00Z
11
value 0.00708
scoring_system epss
scoring_elements 0.72186
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36740
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1982409
reference_id 1982409
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1982409
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991040
reference_id 991040
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991040
7
reference_url https://security.archlinux.org/ASA-202107-28
reference_id ASA-202107-28
reference_type
scores
url https://security.archlinux.org/ASA-202107-28
8
reference_url https://security.archlinux.org/AVG-2154
reference_id AVG-2154
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2154
9
reference_url https://access.redhat.com/errata/RHSA-2021:2988
reference_id RHSA-2021:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2988
10
reference_url https://access.redhat.com/errata/RHSA-2021:2993
reference_id RHSA-2021:2993
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2993
11
reference_url https://usn.ubuntu.com/5474-1/
reference_id USN-5474-1
reference_type
scores
url https://usn.ubuntu.com/5474-1/
fixed_packages
0
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
1
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2021-36740
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7t1-a958-d7dg
7
url VCID-rn5t-3pup-kbbv
vulnerability_id VCID-rn5t-3pup-kbbv
summary varnish: not clearing pointer between two client requests leads to information disclosure
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20637.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20637.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20637
reference_id
reference_type
scores
0
value 0.00478
scoring_system epss
scoring_elements 0.64878
published_at 2026-04-01T12:55:00Z
1
value 0.00478
scoring_system epss
scoring_elements 0.64994
published_at 2026-04-21T12:55:00Z
2
value 0.00478
scoring_system epss
scoring_elements 0.64999
published_at 2026-04-16T12:55:00Z
3
value 0.00478
scoring_system epss
scoring_elements 0.6501
published_at 2026-04-18T12:55:00Z
4
value 0.00478
scoring_system epss
scoring_elements 0.64927
published_at 2026-04-02T12:55:00Z
5
value 0.00478
scoring_system epss
scoring_elements 0.64955
published_at 2026-04-04T12:55:00Z
6
value 0.00478
scoring_system epss
scoring_elements 0.64918
published_at 2026-04-07T12:55:00Z
7
value 0.00478
scoring_system epss
scoring_elements 0.64968
published_at 2026-04-08T12:55:00Z
8
value 0.00478
scoring_system epss
scoring_elements 0.64982
published_at 2026-04-09T12:55:00Z
9
value 0.00478
scoring_system epss
scoring_elements 0.65
published_at 2026-04-11T12:55:00Z
10
value 0.00478
scoring_system epss
scoring_elements 0.6499
published_at 2026-04-12T12:55:00Z
11
value 0.00478
scoring_system epss
scoring_elements 0.64962
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20637
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20637
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20637
5
reference_url http://varnish-cache.org/security/VSV00004.html#vsv00004
reference_id
reference_type
scores
url http://varnish-cache.org/security/VSV00004.html#vsv00004
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1772362
reference_id 1772362
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1772362
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956305
reference_id 956305
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956305
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-20637
reference_id CVE-2019-20637
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-20637
13
reference_url https://access.redhat.com/errata/RHSA-2020:4756
reference_id RHSA-2020:4756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4756
14
reference_url https://usn.ubuntu.com/5474-1/
reference_id USN-5474-1
reference_type
scores
url https://usn.ubuntu.com/5474-1/
fixed_packages
0
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2019-20637
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rn5t-3pup-kbbv
8
url VCID-tnwn-h2wc-q7c4
vulnerability_id VCID-tnwn-h2wc-q7c4
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12425.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12425.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12425
reference_id
reference_type
scores
0
value 0.01046
scoring_system epss
scoring_elements 0.77435
published_at 2026-04-01T12:55:00Z
1
value 0.01046
scoring_system epss
scoring_elements 0.77441
published_at 2026-04-02T12:55:00Z
2
value 0.01046
scoring_system epss
scoring_elements 0.77467
published_at 2026-04-04T12:55:00Z
3
value 0.01046
scoring_system epss
scoring_elements 0.77447
published_at 2026-04-07T12:55:00Z
4
value 0.01046
scoring_system epss
scoring_elements 0.77476
published_at 2026-04-08T12:55:00Z
5
value 0.01046
scoring_system epss
scoring_elements 0.77486
published_at 2026-04-09T12:55:00Z
6
value 0.01046
scoring_system epss
scoring_elements 0.77512
published_at 2026-04-11T12:55:00Z
7
value 0.01046
scoring_system epss
scoring_elements 0.77492
published_at 2026-04-12T12:55:00Z
8
value 0.01046
scoring_system epss
scoring_elements 0.77489
published_at 2026-04-13T12:55:00Z
9
value 0.01046
scoring_system epss
scoring_elements 0.77528
published_at 2026-04-16T12:55:00Z
10
value 0.01046
scoring_system epss
scoring_elements 0.77525
published_at 2026-04-18T12:55:00Z
11
value 0.01046
scoring_system epss
scoring_elements 0.77517
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12425
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12425
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12425
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1477222
reference_id 1477222
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1477222
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870467
reference_id 870467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870467
5
reference_url https://security.archlinux.org/ASA-201708-4
reference_id ASA-201708-4
reference_type
scores
url https://security.archlinux.org/ASA-201708-4
6
reference_url https://security.archlinux.org/AVG-374
reference_id AVG-374
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-374
fixed_packages
0
url pkg:deb/debian/varnish@4.0.2-1%2Bdeb8u1
purl pkg:deb/debian/varnish@4.0.2-1%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1%252Bdeb8u1
1
url pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
purl pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@5.0.0-7%252Bdeb9u2
2
url pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
purl pkg:deb/debian/varnish@6.1.1-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hery-ps62-9kf5
1
vulnerability VCID-hpb7-1n1t-n3em
2
vulnerability VCID-j1qj-kj7k-v7fx
3
vulnerability VCID-mbcb-cn8g-zfgw
4
vulnerability VCID-pww8-5fsd-1kcz
5
vulnerability VCID-r7t1-a958-d7dg
6
vulnerability VCID-rn5t-3pup-kbbv
7
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.1.1-1%252Bdeb10u3
aliases CVE-2017-12425
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnwn-h2wc-q7c4
9
url VCID-wm39-aehq-cyfb
vulnerability_id VCID-wm39-aehq-cyfb
summary varnish: remote clients may cause Varnish to assert and restart which could result in DoS
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00026.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00031.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11653.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11653.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11653
reference_id
reference_type
scores
0
value 0.0126
scoring_system epss
scoring_elements 0.79358
published_at 2026-04-01T12:55:00Z
1
value 0.0126
scoring_system epss
scoring_elements 0.79438
published_at 2026-04-21T12:55:00Z
2
value 0.0126
scoring_system epss
scoring_elements 0.79436
published_at 2026-04-16T12:55:00Z
3
value 0.0126
scoring_system epss
scoring_elements 0.79435
published_at 2026-04-18T12:55:00Z
4
value 0.0126
scoring_system epss
scoring_elements 0.79364
published_at 2026-04-02T12:55:00Z
5
value 0.0126
scoring_system epss
scoring_elements 0.79387
published_at 2026-04-04T12:55:00Z
6
value 0.0126
scoring_system epss
scoring_elements 0.79373
published_at 2026-04-07T12:55:00Z
7
value 0.0126
scoring_system epss
scoring_elements 0.794
published_at 2026-04-08T12:55:00Z
8
value 0.0126
scoring_system epss
scoring_elements 0.79409
published_at 2026-04-09T12:55:00Z
9
value 0.0126
scoring_system epss
scoring_elements 0.79433
published_at 2026-04-11T12:55:00Z
10
value 0.0126
scoring_system epss
scoring_elements 0.79416
published_at 2026-04-12T12:55:00Z
11
value 0.0126
scoring_system epss
scoring_elements 0.79405
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11653
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11653
5
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html
6
reference_url https://varnish-cache.org/security/VSV00005.html#vsv00005
reference_id
reference_type
scores
url https://varnish-cache.org/security/VSV00005.html#vsv00005
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1813867
reference_id 1813867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1813867
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956307
reference_id 956307
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956307
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-cache:varnish_cache:*:*:*:*:-:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11653
reference_id CVE-2020-11653
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2020-11653
15
reference_url https://access.redhat.com/errata/RHSA-2020:4756
reference_id RHSA-2020:4756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4756
16
reference_url https://usn.ubuntu.com/5474-1/
reference_id USN-5474-1
reference_type
scores
url https://usn.ubuntu.com/5474-1/
17
reference_url https://usn.ubuntu.com/5474-2/
reference_id USN-5474-2
reference_type
scores
url https://usn.ubuntu.com/5474-2/
fixed_packages
0
url pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
purl pkg:deb/debian/varnish@6.5.1-1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-cmeu-b3fh-hkaf
2
vulnerability VCID-djsh-vmzh-sbe7
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-pww8-5fsd-1kcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@6.5.1-1%252Bdeb11u3
aliases CVE-2020-11653
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wm39-aehq-cyfb
Fixing_vulnerabilities
0
url VCID-fgjt-z1kd-nbct
vulnerability_id VCID-fgjt-z1kd-nbct
summary 
Improper input validation in Varnish allows remote attackers to
    conduct HTTP smuggling attacks, and possibly trigger a buffer overflow.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00064.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00064.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8852.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8852.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8852
reference_id
reference_type
scores
0
value 0.0109
scoring_system epss
scoring_elements 0.7797
published_at 2026-04-21T12:55:00Z
1
value 0.0109
scoring_system epss
scoring_elements 0.77977
published_at 2026-04-18T12:55:00Z
2
value 0.0109
scoring_system epss
scoring_elements 0.77884
published_at 2026-04-01T12:55:00Z
3
value 0.0109
scoring_system epss
scoring_elements 0.7789
published_at 2026-04-02T12:55:00Z
4
value 0.0109
scoring_system epss
scoring_elements 0.77919
published_at 2026-04-04T12:55:00Z
5
value 0.0109
scoring_system epss
scoring_elements 0.77901
published_at 2026-04-07T12:55:00Z
6
value 0.0109
scoring_system epss
scoring_elements 0.77928
published_at 2026-04-08T12:55:00Z
7
value 0.0109
scoring_system epss
scoring_elements 0.77933
published_at 2026-04-09T12:55:00Z
8
value 0.0109
scoring_system epss
scoring_elements 0.77959
published_at 2026-04-11T12:55:00Z
9
value 0.0109
scoring_system epss
scoring_elements 0.77943
published_at 2026-04-13T12:55:00Z
10
value 0.0109
scoring_system epss
scoring_elements 0.77978
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8852
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852
4
reference_url https://github.com/varnish/Varnish-Cache/commit/29870c8fe95e4e8a672f6f28c5fbe692bea09e9c
reference_id
reference_type
scores
url https://github.com/varnish/Varnish-Cache/commit/29870c8fe95e4e8a672f6f28c5fbe692bea09e9c
5
reference_url https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3
reference_id
reference_type
scores
url https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3
6
reference_url https://www.varnish-cache.org/lists/pipermail/varnish-announce/2015-March/000701.html
reference_id
reference_type
scores
url https://www.varnish-cache.org/lists/pipermail/varnish-announce/2015-March/000701.html
7
reference_url http://www.debian.org/security/2016/dsa-3553
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3553
8
reference_url http://www.openwall.com/lists/oss-security/2016/04/16/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/04/16/1
9
reference_url http://www.openwall.com/lists/oss-security/2016/04/18/7
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/04/18/7
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1328361
reference_id 1328361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1328361
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783510
reference_id 783510
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783510
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta1:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta2:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.3:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.4:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.5:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.6:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8852
reference_id CVE-2015-8852
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2015-8852
22
reference_url https://security.gentoo.org/glsa/201607-10
reference_id GLSA-201607-10
reference_type
scores
url https://security.gentoo.org/glsa/201607-10
fixed_packages
0
url pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
purl pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-ntj2-zryg-tubp
7
vulnerability VCID-pww8-5fsd-1kcz
8
vulnerability VCID-r7t1-a958-d7dg
9
vulnerability VCID-rn5t-3pup-kbbv
10
vulnerability VCID-tnwn-h2wc-q7c4
11
vulnerability VCID-wm39-aehq-cyfb
12
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@3.0.2-2%252Bdeb7u2
1
url pkg:deb/debian/varnish@4.0.2-1
purl pkg:deb/debian/varnish@4.0.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1
aliases CVE-2015-8852
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgjt-z1kd-nbct
1
url VCID-ntj2-zryg-tubp
vulnerability_id VCID-ntj2-zryg-tubp
summary Varnish HTTP cache before 3.0.4: ACL bug
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4090
reference_id
reference_type
scores
0
value 0.00351
scoring_system epss
scoring_elements 0.57446
published_at 2026-04-01T12:55:00Z
1
value 0.00351
scoring_system epss
scoring_elements 0.57529
published_at 2026-04-02T12:55:00Z
2
value 0.00351
scoring_system epss
scoring_elements 0.57551
published_at 2026-04-04T12:55:00Z
3
value 0.00351
scoring_system epss
scoring_elements 0.57526
published_at 2026-04-07T12:55:00Z
4
value 0.00351
scoring_system epss
scoring_elements 0.57579
published_at 2026-04-08T12:55:00Z
5
value 0.00351
scoring_system epss
scoring_elements 0.57583
published_at 2026-04-09T12:55:00Z
6
value 0.00351
scoring_system epss
scoring_elements 0.57598
published_at 2026-04-11T12:55:00Z
7
value 0.00351
scoring_system epss
scoring_elements 0.57578
published_at 2026-04-12T12:55:00Z
8
value 0.00351
scoring_system epss
scoring_elements 0.57556
published_at 2026-04-13T12:55:00Z
9
value 0.00351
scoring_system epss
scoring_elements 0.57584
published_at 2026-04-16T12:55:00Z
10
value 0.00351
scoring_system epss
scoring_elements 0.5758
published_at 2026-04-18T12:55:00Z
11
value 0.00351
scoring_system epss
scoring_elements 0.5756
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4090
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4090
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4090
fixed_packages
0
url pkg:deb/debian/varnish@4.0.2-1
purl pkg:deb/debian/varnish@4.0.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1
aliases CVE-2013-4090
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntj2-zryg-tubp
2
url VCID-z4zn-dpfs-j7cq
vulnerability_id VCID-z4zn-dpfs-j7cq
summary 
Multiple vulnerabilities have been found in Varnish, the worst of
    which could allow a remote attacker to create a Denial of Service
    condition.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4484
reference_id
reference_type
scores
0
value 0.01554
scoring_system epss
scoring_elements 0.81368
published_at 2026-04-01T12:55:00Z
1
value 0.01554
scoring_system epss
scoring_elements 0.81377
published_at 2026-04-02T12:55:00Z
2
value 0.01554
scoring_system epss
scoring_elements 0.814
published_at 2026-04-04T12:55:00Z
3
value 0.01554
scoring_system epss
scoring_elements 0.81399
published_at 2026-04-07T12:55:00Z
4
value 0.01554
scoring_system epss
scoring_elements 0.81427
published_at 2026-04-08T12:55:00Z
5
value 0.01554
scoring_system epss
scoring_elements 0.81432
published_at 2026-04-09T12:55:00Z
6
value 0.01554
scoring_system epss
scoring_elements 0.81454
published_at 2026-04-11T12:55:00Z
7
value 0.01554
scoring_system epss
scoring_elements 0.81441
published_at 2026-04-12T12:55:00Z
8
value 0.01554
scoring_system epss
scoring_elements 0.81435
published_at 2026-04-13T12:55:00Z
9
value 0.01554
scoring_system epss
scoring_elements 0.81471
published_at 2026-04-16T12:55:00Z
10
value 0.01554
scoring_system epss
scoring_elements 0.81473
published_at 2026-04-18T12:55:00Z
11
value 0.01554
scoring_system epss
scoring_elements 0.81474
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4484
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728989
reference_id 728989
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728989
3
reference_url https://security.gentoo.org/glsa/201412-30
reference_id GLSA-201412-30
reference_type
scores
url https://security.gentoo.org/glsa/201412-30
fixed_packages
0
url pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
purl pkg:deb/debian/varnish@3.0.2-2%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-fgjt-z1kd-nbct
2
vulnerability VCID-hery-ps62-9kf5
3
vulnerability VCID-hpb7-1n1t-n3em
4
vulnerability VCID-j1qj-kj7k-v7fx
5
vulnerability VCID-mbcb-cn8g-zfgw
6
vulnerability VCID-ntj2-zryg-tubp
7
vulnerability VCID-pww8-5fsd-1kcz
8
vulnerability VCID-r7t1-a958-d7dg
9
vulnerability VCID-rn5t-3pup-kbbv
10
vulnerability VCID-tnwn-h2wc-q7c4
11
vulnerability VCID-wm39-aehq-cyfb
12
vulnerability VCID-z4zn-dpfs-j7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@3.0.2-2%252Bdeb7u2
1
url pkg:deb/debian/varnish@4.0.2-1
purl pkg:deb/debian/varnish@4.0.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fbk-5fwk-efbd
1
vulnerability VCID-hery-ps62-9kf5
2
vulnerability VCID-hpb7-1n1t-n3em
3
vulnerability VCID-j1qj-kj7k-v7fx
4
vulnerability VCID-mbcb-cn8g-zfgw
5
vulnerability VCID-pww8-5fsd-1kcz
6
vulnerability VCID-r7t1-a958-d7dg
7
vulnerability VCID-rn5t-3pup-kbbv
8
vulnerability VCID-tnwn-h2wc-q7c4
9
vulnerability VCID-wm39-aehq-cyfb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1
aliases CVE-2013-4484
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4zn-dpfs-j7cq
Risk_score4.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/varnish@4.0.2-1