Unrated severityNVD Advisory· Published Mar 21, 2025· Updated Apr 3, 2025
CVE-2025-30346
CVE-2025-30346
Description
Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests.
Affected products
6<7.6.2+ 1 more
- (no CPE)range: <7.6.2
- (no CPE)range: 7.5.0
- Range: <6.0.13r10
- osv-coords3 versionspkg:bitnami/varnishpkg:rpm/opensuse/varnish&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/vinyl-cache&distro=openSUSE%20Tumbleweed
>= 0+ 2 more
- (no CPE)range: >= 0
- (no CPE)range: < 7.7.0-1.1
- (no CPE)range: < 9.0.0-1.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.