VulnerableCode Package Details - pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2

Essentials
History (45)

purl	pkg:deb/debian/varnish@5.0.0-7%2Bdeb9u2

Next non-vulnerable version	7.7.3-2
Latest non-vulnerable version	7.7.3-2
Risk	4.1

Vulnerabilities affecting this package (10)

Vulnerability	Summary	Fixed by
VCID-4fbk-5fwk-efbd Aliases: CVE-2017-8807	security update	6.1.1-1+deb10u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hery-ps62-9kf5 Aliases: CVE-2019-15892	varnish: denial of service handling certain crafted HTTP/1 requests	6.1.1-1+deb10u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hpb7-1n1t-n3em Aliases: CVE-2022-45060 VSV00011	varnish: Request Forgery Vulnerability	6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-j1qj-kj7k-v7fx Aliases: CVE-2025-47905 VSV00016	varnish: request smuggling attacks	7.1.1-2+deb12u1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-mbcb-cn8g-zfgw Aliases: CVE-2022-23959	varnish: HTTP/1 request smuggling vulnerability	6.1.1-1+deb10u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pww8-5fsd-1kcz Aliases: CVE-2025-30346 VSV00015	varnish: Client-Side Desynchronization in Varnish Cache	7.1.1-2+deb12u1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-r7t1-a958-d7dg Aliases: CVE-2021-36740	varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request	6.1.1-1+deb10u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-rn5t-3pup-kbbv Aliases: CVE-2019-20637	varnish: not clearing pointer between two client requests leads to information disclosure	6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-tnwn-h2wc-q7c4 Aliases: CVE-2017-12425	security update	6.1.1-1+deb10u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-wm39-aehq-cyfb Aliases: CVE-2020-11653	varnish: remote clients may cause Varnish to assert and restart which could result in DoS	6.5.1-1+deb11u3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-4fbk-5fwk-efbd	security update	CVE-2017-8807
VCID-tnwn-h2wc-q7c4	security update	CVE-2017-12425

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:12:45.179732+00:00	Debian Oval Importer	Affected by	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:33:46.986575+00:00	Debian Oval Importer	Affected by	VCID-j1qj-kj7k-v7fx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:32:25.788286+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:26:41.679822+00:00	Debian Oval Importer	Affected by	VCID-rn5t-3pup-kbbv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:46:23.253389+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:40:13.822378+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:33:43.001415+00:00	Debian Oval Importer	Affected by	VCID-hpb7-1n1t-n3em	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:16:28.842084+00:00	Debian Oval Importer	Affected by	VCID-pww8-5fsd-1kcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:01:44.175597+00:00	Debian Oval Importer	Affected by	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:25:26.630653+00:00	Debian Oval Importer	Affected by	VCID-wm39-aehq-cyfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:04:45.492517+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:51:47.100450+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:41:15.937411+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:11:59.831584+00:00	Debian Oval Importer	Fixing	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:09:28.049340+00:00	Debian Oval Importer	Fixing	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-11T23:46:35.685402+00:00	Debian Oval Importer	Affected by	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:08:50.827730+00:00	Debian Oval Importer	Affected by	VCID-j1qj-kj7k-v7fx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:07:37.161110+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:03:50.782271+00:00	Debian Oval Importer	Affected by	VCID-rn5t-3pup-kbbv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:27:18.306448+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:21:19.050031+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:14:59.924976+00:00	Debian Oval Importer	Affected by	VCID-hpb7-1n1t-n3em	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:59:55.012461+00:00	Debian Oval Importer	Affected by	VCID-pww8-5fsd-1kcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:45:47.645562+00:00	Debian Oval Importer	Affected by	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:12:40.719432+00:00	Debian Oval Importer	Affected by	VCID-wm39-aehq-cyfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:53:03.013681+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:40:01.675522+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:29:34.303413+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:00:32.168193+00:00	Debian Oval Importer	Fixing	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:58:01.482747+00:00	Debian Oval Importer	Fixing	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-08T23:18:50.319200+00:00	Debian Oval Importer	Affected by	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:42:32.421372+00:00	Debian Oval Importer	Affected by	VCID-j1qj-kj7k-v7fx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:41:17.315673+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:40:49.419412+00:00	Debian Oval Importer	Affected by	VCID-rn5t-3pup-kbbv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:07:44.844887+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:02:02.080042+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:56:03.598013+00:00	Debian Oval Importer	Affected by	VCID-hpb7-1n1t-n3em	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:44:26.455115+00:00	Debian Oval Importer	Affected by	VCID-pww8-5fsd-1kcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:30:49.371773+00:00	Debian Oval Importer	Affected by	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:05:04.962016+00:00	Debian Oval Importer	Affected by	VCID-wm39-aehq-cyfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:25:33.383480+00:00	Debian Oval Importer	Affected by	VCID-mbcb-cn8g-zfgw	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T23:13:03.305062+00:00	Debian Oval Importer	Affected by	VCID-r7t1-a958-d7dg	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T23:02:56.501447+00:00	Debian Oval Importer	Affected by	VCID-hery-ps62-9kf5	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T22:35:01.620140+00:00	Debian Oval Importer	Fixing	VCID-4fbk-5fwk-efbd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:32:41.086506+00:00	Debian Oval Importer	Fixing	VCID-tnwn-h2wc-q7c4	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0