{"id":"CVE-2015-8852","details":"Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \\r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request.","modified":"2026-04-16T06:24:50.348509060Z","published":"2016-04-25T14:59:01Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3553"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201607-10"},{"type":"ADVISORY","url":"https://www.varnish-cache.org/lists/pipermail/varnish-announce/2015-March/000701.html"},{"type":"FIX","url":"https://github.com/varnish/Varnish-Cache/commit/29870c8fe95e4e8a672f6f28c5fbe692bea09e9c"},{"type":"FIX","url":"https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00064.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2016/04/16/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2016/04/18/7"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}