Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 9:51 p.m.14 views

CVE-2026-48587

A flaw was found in Django. Remote attackers can exploit this vulnerability due to django.utils.cache.hasvaryheader not properly stripping whitespace from Vary response header values. This allows an attacker to read cached responses by sending requests to URLs with whitespace-padded Vary header...

5.3CVSS5.6AI score0.00354EPSS
Exploits0References6
PyPA
PyPA
added 2026/06/03 2:16 p.m.15 views

PYSEC-2026-198

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6.django.utils.cache.hasvaryheader in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

5.3CVSS5.4AI score0.00354EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/03 2:16 p.m.13 views

CVE-2026-48587

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.hasvaryheader in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

5.3CVSS0.00354EPSS
Exploits0References3
OSV
OSV
added 2026/06/03 2:16 p.m.11 views

PYSEC-2026-198

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.hasvaryheader in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

5.3CVSS5.4AI score0.00354EPSS
Exploits0References3
Rows per page
Query Builder