4 matches found
undici: Undici: Information disclosure due to improper cache-control header parsing
A flaw was found in Undici. The cache interceptor in shared-cache mode incorrectly classifies certain responses as cacheable due to improper handling of whitespace-padded Cache-Control header field names. This vulnerability allows an unauthenticated attacker to access authenticated user data from...
HCL AION Information Disclosure Vulnerability (CNVD-2026-16412)
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from an information disclosure vulnerability that can be exploited by an attacker to gain access to cached data information...
PT-2024-29625 · Unknown · Sinec Traffic Analyzer
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to V2.0 Description: The affected application does not properly handle cacheable HTTP responses in the web service, which could allow an attacker to read and modify data stored in the local cache...
CVE-2019-17335
The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to data cached from a data source, or a portion of a data source, that the attacke...