Oval Definition:oval:org.opensuse.security:def:202223959
Revision Date:2022-06-30Version:1
Title:CVE-2022-23959
Description:

In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-23959
SUSE CVE-2022-23959
openSUSE-SU-2022:0144-1
openSUSE-SU-2022:0148-1
Platform(s):openSUSE Leap 15.4
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libvarnishapi3-7.1.0-1.1 is installed
  • OR varnish-7.1.0-1.1 is installed
  • OR varnish-devel-7.1.0-1.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • libvarnishapi3-7.1.0-bp154.2.3.1 is installed
  • AND libvarnishapi3 is signed with openSUSE key
  • OR
  • varnish-7.1.0-bp154.2.3.1 is installed
  • AND varnish is signed with openSUSE key
  • OR
  • varnish-devel-7.1.0-bp154.2.3.1 is installed
  • AND varnish-devel is signed with openSUSE key
    • BACK