Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/03 1:16 p.m.39 views

CVE-2026-8404 Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

3.1CVSS0.00285EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 7:34 p.m.4 views

CVE-2026-24472 Hono cache middleware ignores "Cache-Control: private" leading to Web Cache Deception

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, Cache Middleware contains an information disclosure vulnerability caused by improper handling of HTTP cache control directives. The middleware does not respect standard cache control...

5.3CVSS5.9AI score0.00457EPSS
Exploits0References3
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/03/12 6:51 a.m.8 views

Take control of Cache-Control and local caching

TL;DR Caching speeds up website content delivery What caching directives are and how to use them The No-cache directive does not prevent caching The No-store directiveprevents caching Introduction The HTTP Cache-Control header is sometimes misunderstood. It's important because it is used to speci...

6.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.3 views

SUSE CVE-2009-0358

Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...

3.3CVSS8.3AI score0.00521EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2009/02/04 8:59 a.m.3 views

Firefox directives to not cache pages ignored

Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...

3.3CVSS7.4AI score0.00521EPSS
Exploits0References4
Rows per page
Query Builder