Vulnerabilities > Varnish Cache Project

DATE	CVE	VULNERABILITY TITLE	RISK
2016-04-25	CVE-2015-8852	Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request. network low complexity varnish-cache-project debian	5.0
2013-11-01	CVE-2013-4484	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. network low complexity varnish-cache varnish-cache-project CWE-119	5.0

Vulnerabilities > Varnish Cache Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Varnish Cache Project"}]}