Skip to content

kube-httpcache is vulnerable to Cross-Site Request Forgery (CSRF)

Moderate severity GitHub Reviewed Published Nov 29, 2022 in mittwald/kube-httpcache • Updated Jan 12, 2023

Package

gomod github.com/mittwald/kube-httpcache (Go)

Affected versions

< 0.7.1

Patched versions

0.7.1

Description

Impact

A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This may in turn be used to successfully exploit vulnerabilities in a server behind the Varnish server.
-- https://varnish-cache.org/security/VSV00011.html#vsv00011

Patches

This is fixed in Varnish 6.0.11; Varnish 6.0.11 is available in kube-httpcache versions v0.7.1 and later.

Workarounds

See upstream mitigation hints.

References

References

@martin-helmich martin-helmich published to mittwald/kube-httpcache Nov 29, 2022
Published to the GitHub Advisory Database Dec 2, 2022
Reviewed Dec 2, 2022
Last updated Jan 12, 2023

Severity

Moderate

EPSS score

Weaknesses

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. Learn more on MITRE.

CVE ID

No known CVE

GHSA ID

GHSA-47xh-qxqv-mgvg

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.