•
MEDIUM Severity
CVE-2025-47905
Varnish Cache allows client-side desync via HTTP/1 requests
Overview
Varnish Cache before specific versions (7.6.3, 7.7.1, and Varnish Enterprise before 6.0.13r14) has a vulnerability that allows client-side desynchronization via HTTP/1 requests by incorrectly permitting CRLF to delimit chunk boundaries.
Technical Details
The issue arises as the product accepts Carriage Return Line Feed (CRLF) to mark the limit of chunks, leading to client-side desynchronization through HTTP/1 requests.
CVSS Metrics
- The attack occurs via the network
- High attack complexity
- No privileges required
- No user interaction required
- Changed scope
- Low impact on confidentiality and integrity
- No impact on availability
Impact
Products using the affected versions of Varnish Cache may be exposed to client-side desynchronization attacks, causing data inconsistency.
Recommendations
- Update Varnish Cache to the latest version
- Regularly patch and update software
- Monitor network traffic for suspicious activity
Threat Metrics
- "cvss_score": 5.4
- "severity": "MEDIUM"
- "attack_vector": "NETWORK"
- "attack_complexity": "HIGH"