Falhas do tipo CWE-524

47 resultados
CVE-2021-24027A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third pEPSS 3.8%CVE-2019-9494The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacksEPSS 3.7%CVE-2019-9495The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patternsEPSS 3.4%CVE-2019-14997The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including theirEPSS 1.2%CVE-2024-0874MEDIUMCoredns: cd bit response is cached and served laterEPSS 0.8%CVE-2024-45596HIGHDirectus's session is cached for OpenID and OAuth2 if `redirect` is not usedEPSS 0.6%CVE-2021-44854MEDIUMAn issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results froEPSS 0.6%CVE-2024-27917HIGHShopware's session is persistent in Cache for 404 pagesEPSS 0.6%CVE-2022-3292MEDIUMUse of Cache Containing Sensitive Information in ikus060/rdiffwebEPSS 0.5%CVE-2019-11244LOWkubectl creates world-writeable cached schema filesEPSS 0.5%CVE-2026-24472MEDIUMHono cache middleware ignores "Cache-Control: private" leading to Web Cache DeceptionEPSS 0.5%CVE-2023-45696MEDIUMHCL Sametime is impacted by an autocomplete enabled vulnerabilityEPSS 0.4%CVE-2023-37486MEDIUMInformation Disclosure vulnerability in SAP Commerce (OCC API)EPSS 0.4%CVE-2025-9901MEDIUMLibsoup: improper handling of http vary header in libsoup cachingEPSS 0.4%CVE-2026-25540MEDIUMMastodon's signature-dependent ActivityPub collection responses cached under signature-independent keys (Web Cache Poisoning via `Rails.cache`)EPSS 0.4%CVE-2026-27205LOWFlask session does not add `Vary: Cookie` header when accessed in some waysEPSS 0.4%CVE-2026-35193LOWPotential exposure of private data via missing Vary: Authorization in UpdateCacheMiddlewareEPSS 0.4%CVE-2026-6907LOWPotential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddlewareEPSS 0.4%CVE-2024-49580MEDIUMIn JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosureEPSS 0.3%CVE-2025-64762HIGHauthkit-nextjs may let session cookies be cached in CDNsEPSS 0.3%