Unrated severityNVD Advisory· Published Nov 1, 2013· Updated Apr 29, 2026
CVE-2013-4484
CVE-2013-4484
Description
Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
Affected products
20cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*range: <=3.0.4
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:varnish-cache:varnish:2.0.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.varnish-cache.org/trac/ticket/1367nvdExploitPatch
- archives.neohapsis.com/archives/bugtraq/2013-10/0158.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-11/msg00029.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-11/msg00033.htmlnvd
- secunia.com/advisories/55452nvd
- secunia.com/advisories/55746nvd
- www.debian.org/security/2012/dsa-2814nvd
- www.openwall.com/lists/oss-security/2013/10/30/5nvd
News mentions
0No linked articles in our index yet.