Lucene search
K

28 matches found

SUSE CVE
SUSE CVE
added 2026/05/06 1:45 a.m.13 views

SUSE CVE-2026-6907

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

4.3CVSS5.7AI score0.00358EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/05 6:33 p.m.31 views

EUVD-2026-27382

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

4.3CVSS5.8AI score0.00358EPSS
Exploits0References4
PyPA
PyPA
added 2026/05/05 4:16 p.m.14 views

PYSEC-2026-55

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14.django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served.Earlier, unsupported Django series such as 5.0.x, 4.1.x...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/05 2:50 p.m.51 views

CVE-2026-6907 Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

4.3CVSS0.00358EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/05 2:50 p.m.7 views

CVE-2026-6907 Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

4.3CVSS5.7AI score0.00358EPSS
Exploits0References3
CVE
CVE
added 2026/05/05 2:50 p.m.28 views

CVE-2026-6907

The CVE affects Django 6.0 before 6.0.5 and 5.2 before 5.2.14. The vulnerability lies in django.middleware.cache.UpdateCacheMiddleware, which may cache requests when the Vary header contains an asterisk (*) and thereby expose private data. This could cause private data to be stored and subsequent...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/05 2:0 p.m.6 views

CVE-2026-6907

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

5.3CVSS5.7AI score0.00358EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-37078

Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.4 Django versions 5.2 through 5.2.13 Description An issue in django.middleware.cache.UpdateCacheMiddleware causes requests where the Vary header contains an asterisk '' to be erroneously cached. This behavior ca...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References45
Rows per page
Query Builder