DEBIAN-CVE-2020-11653

DEBIAN-CVE-2020-11653 PUBLISHED CVSS 7.5 HIGH

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	varnish	0, 0, 0
Debian:11	varnish	0, 0, 0
Debian:13	varnish	0, 0, 0
Debian:12	varnish	0, 0, 0

Timeline

Apr 8, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-11653 advisory

Open in Interactive Console →