CVE-2026-44457 Hono: Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be...
PT-2026-39155
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk '*'. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...
EUVD-2026-27382
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk '*'. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...
Use of Cache Containing Sensitive Information
Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information in the UpdateCacheMiddleware middleware. An attacker can access private data...
CVE-2026-6907
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk '*'. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...
Django security vulnerability
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.5 and 5.2.14 contained security vulnerabilities. These...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Flask (SUSE-SU-2026:0849-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0849-1 advisory. This update for python-Flask fixes the following issue: - CVE-2026-27205: information disclosure due to...
Hono vulnerable to Vary Header Injection leading to potential CORS Bypass
Summary A flaw in the CORS middleware allowed request Vary headers to be reflected into the response, enabling attacker-controlled Vary values and potentially affecting cache behavior. Details The middleware previously copied the Vary header from the request when origin was not set to "*". Since...
Linux Distros Unpatched Vulnerability : CVE-2025-9901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup's caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that...
AZL-67058 CVE-2025-9901 affecting package libsoup 3.4.4-12
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be...
Use of Cache Containing Sensitive Information
Overview Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information via improper validation of HTTP Vary header in SoupCache caching mechanism. An attacker can access confidential information by retrieving cached HTTP responses intended for other users. Note...
GHSA-R2FC-CCR8-96C4 Next.js has a Cache poisoning vulnerability due to omission of the Vary header
Summary A cache poisoning issue in Next.js App Router >=15.3.0 and <15.3.3 may have allowed RSC payloads to be cached and served in place of HTML, under specific conditions involving middleware and redirects. This issue has been fixed in Next.js 15.3.3. Users on affected versions should upgrade...
SUSE CVE-2023-5722
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox 119...
Fuzzing HTTP Proxies: Squid, Part 2
October 1st, 2021. Security is important to us, here at Opera. That's why, apart from making our browsers safer, we also want to make the Web a bit safer. One of those ways is helping other developers find and fix vulnerabilities in their products...
resteasy: Vary header not added by CORS filter leading to cache poisoning
It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances...
tomcat: Vary header not added by CORS filter leading to cache poisoning
A vulnerability was discovered in Tomcat where the CORS Filter did not send a "Vary: Origin" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches...