A local attacker can access the password used to protect a PDF in cleartext.

A remote attacker can send a specially crafted DNS request leading to a denial of service.

A remote attacker able to send specially crafted HTTP/1 chunked requests can exploit Varnish to smuggle additional requests, potentially leading to information disclosure and allowing incorrect or malicious content to be cached and served to other users.