Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2025/07/30 1:41 p.m.7 views

CVE-2025-54425 Umbraco's Delivery API allows for cached requests to be returned with an invalid API key

Umbraco is an ASP.NET CMS. In versions 13.0.0 through 13.9.2, 15.0.0 through 15.4.1 and 16.0.0 through 16.1.0, the content delivery API can be restricted from public access where an API key must be provided in a header to authorize the request. It's also possible to configure output caching, such...

5.3CVSS6.9AI score0.00329EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/30 1:41 p.m.10 views

CVE-2025-54425 Umbraco's Delivery API allows for cached requests to be returned with an invalid API key

Umbraco is an ASP.NET CMS. In versions 13.0.0 through 13.9.2, 15.0.0 through 15.4.1 and 16.0.0 through 16.1.0, the content delivery API can be restricted from public access where an API key must be provided in a header to authorize the request. It's also possible to configure output caching, such...

5.3CVSS0.00329EPSS
Exploits0References5
CVE
CVE
added 2025/07/30 1:41 p.m.39 views

CVE-2025-54425

CVE-2025-54425 affects Umbraco’s Delivery API. When public access is restricted by an API key header and output caching is enabled, the cache does not vary by the API key header, potentially returning cached responses to users without a valid API key if a prior request with a valid key occurred. ...

5.3CVSS6.3AI score0.00329EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/29 7:10 p.m.6 views

GHSA-75VQ-QVHR-7FFR Umbraco Delivery API allows for cached requests to be returned with an invalid API key

Impact Umbraco's content delivery API can be restricted from public access such that an API key must be provided in a header to authorize the request. It's also possible to configure output caching, such that the delivery API outputs will be cached for a period of time, improving performance...

5.3CVSS7AI score0.00329EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/07/29 7:10 p.m.14 views

Umbraco Delivery API allows for cached requests to be returned with an invalid API key

Impact Umbraco's content delivery API can be restricted from public access such that an API key must be provided in a header to authorize the request. It's also possible to configure output caching, such that the delivery API outputs will be cached for a period of time, improving performance...

5.3CVSS7AI score0.00329EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder