VDB
CVE-2015-8852
CVE-2015-8852
PUBLISHED
EPSS 1.09% · 78.3th percentile
Risk Scores
EPSS Score
1.09%
78.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | varnish |
Exploit Intelligence
- Apache HTTP Request Parsing Whitespace Defects (hackerone)
- Apache HTTP Request Parsing Whitespace Defects (hackerone)
- Apache HTTP Request Parsing Whitespace Defects (hackerone)
- Multiple HTTP Smuggling reports (hackerone)
- Multiple HTTP Smuggling reports (hackerone)
- Multiple HTTP Smuggling reports (hackerone)
- GLSA-201607-10 (circl)
- openSUSE-SU-2016:1316 (circl)
- [oss-security] 20160416 CVE request: Varnish 3 before 3.0.7 was vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL (circl)
- https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3 (circl)
…and 4 more exploits
Timeline
- CVE Published
- Jul 11, 2017 PoC Published
- Nov 12, 2019 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- ALAS-2016-721: varnish (important) advisory