CVE-2022-45060
Published 2022-11-09. CVE-2022-45060: An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce…
PriorityP342high7.5CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.93% (56.1th percentile)
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | varnish | < varnish 7.1.1-1.1 (bookworm) | varnish 7.1.1-1.1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| varnish-cache | varnish | >= 0 < 6.5.1-1+deb11u3 | 6.5.1-1+deb11u3 |
| varnish-cache | varnish | >= 0 < 7.1.1-1.1 | 7.1.1-1.1 |
| varnish-cache | varnish | >= 0 < 7.1.1-1.1 | 7.1.1-1.1 |
| varnish-cache | varnish | >= 0 < 7.1.1-1.1 | 7.1.1-1.1 |
| varnish-software | varnish_cache | >= 6.0.0 < 6.0.11 | 6.0.11 |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish-software | varnish_cache_plus | — | — |
| varnish_cache_project | varnish_cache | — | — |
| varnish_cache_project | varnish_cache | >= 5.0.0 < 6.0.11 | 6.0.11 |
| varnish_cache_project | varnish_cache | >= 7.0.0 < 7.1.2 | 7.1.2 |
CVSS provenance
- nvd: v3.1, 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- osv: 7.5 HIGH
- vendor_debian: 7.5 HIGH
- vendor_redhat: 7.5 HIGH
OSV
CVE-2022-45060: An HTTP Request Forgery issue was discovered in Varnish Cache 5
osv·2022-11-09·CVSS 7.5
CVE-2022-45060 [HIGH] CVE-2022-45060: An HTTP Request Forgery issue was discovered in Varnish Cache 5
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.
GHSA
GHSA-78x9-jhxm-553x: An HTTP Request Forgery issue was discovered in Varnish Cache 5
ghsa_unreviewed·2022-11-09
CVE-2022-45060 [HIGH] CWE-20 GHSA-78x9-jhxm-553x: An HTTP Request Forgery issue was discovered in Varnish Cache 5
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.
Ubuntu
Varnish vulnerability
vendor_ubuntu·2025-03-26
CVE-2022-45060 Varnish vulnerability
Title: Varnish vulnerability
Summary: Varnish could allow unintended access to network services.
Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use this issue to perform a cross-site request forgery (CSRF) attack.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
varnish: Request Forgery Vulnerability
vendor_redhat·2022-11-08·CVSS 7.5
CVE-2022-45060 [HIGH] CWE-918 varnish: Request Forgery Vulnerability
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This c
Debian
CVE-2022-45060: varnish - An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before...
vendor_debian·2022·CVSS 7.5
CVE-2022-45060 [HIGH] CVE-2022-45060: varnish - An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before...
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.
Scope: local
bookworm: resolved (fixed in 7.1.1-1.1)
bullseye: resolved (fixed in 6.5.1-1+deb11u3)
forky: resolved (fixed in 7.1.1-1.1)
sid: resolved (fixed in 7.1.1-1.1)
trixie: resolved (fixed in 7.1.1-1.1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://docs.varnish-software.com/security/VSV00011
https://lists.debian.org/debian-lts-announce/2022/11/msg00036.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU/
https://varnish-cache.org/security/VSV00011.html
https://www.debian.org/security/2023/dsa-5334
Published: 2022-11-09