CWE-524 (Information Exposure Through Caching) — Vulnerability Class 30

30 vulnerabilities classified as CWE-524 (Information Exposure Through Caching). AI Chinese analysis included.

CWE-524 represents a critical information exposure weakness where applications store sensitive data in caches that remain accessible to unauthorized actors outside the intended security boundary. This vulnerability typically arises when developers prioritize performance optimization by caching resources like passwords, financial records, or session tokens without implementing adequate access controls or encryption. Attackers exploit this flaw by accessing the underlying cache storage, often through memory inspection, shared hosting environments, or indirect file system access, thereby retrieving confidential information that should remain isolated. To mitigate this risk, developers must ensure that cached data is strictly encrypted, ephemeral, or restricted to privileged processes. Implementing rigorous memory management practices, clearing sensitive entries immediately after use, and applying the principle of least privilege to cache access mechanisms are essential strategies for preventing unintended data leakage and maintaining robust application security.

MITRE CWE Description
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere. Applications may use caches to improve efficiency when communicating with remote entities or performing intensive calculations. A cache maintains a pool of objects, threads, connections, pages, financial data, passwords, or other resources to minimize the time it takes to initialize and access these resources. If the cache is accessible to unauthorized actors, attackers can read the cache and obtain this sensitive information.
Common Consequences (1)
Confidentiality: Read Application Data
Mitigations (3)
Architecture and Design: Protect information stored in cache.
Architecture and Design: Do not store unnecessarily sensitive information in the cache.
Architecture and Design: Consider using encryption in the cache.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6907 | Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware — Django | 4.3 | Medium | 2026-05-05 |
| CVE-2026-22741 | Static resource cache poisoning in Spring MVC and WebFlux — Spring Framework | 3.1 | Low | 2026-04-29 |
| CVE-2025-14806 | IBM Planning Analytics Information Disclosure — Planning Analytics Local | 5.7 | Medium | 2026-03-17 |
| CVE-2026-27205 | Flask session does not add `Vary: Cookie` header when accessed in some ways — flask | 7.5 (AI) | High (AI) | 2026-02-21 |
| CVE-2026-25540 | Mastodon's signature-dependent ActivityPub collection responses cached under signature-independent keys (Web Cache Poisoning via `Rails.cache`) — mastodon | 6.5 | Medium | 2026-02-04 |
| CVE-2026-24472 | Hono cache middleware ignores "Cache-Control: private" leading to Web Cache Deception — hono | 5.3 | Medium | 2026-01-27 |
| CVE-2025-69202 | axios-cache-interceptor Vulnerable to Cache Poisoning via Ignored HTTP Vary Header — axios-cache-interceptor | 9.1 | - | 2025-12-29 |
| CVE-2025-64696 | Brother iPrint&Scan security vulnerability — Android App "Brother iPrint&Scan" | 6.2 (AI) | Medium (AI) | 2025-12-09 |
| CVE-2025-64762 | authkit-nextjs may let session cookies be cached in CDNs — authkit-nextjs | 4.2 | - | 2025-11-21 |
| CVE-2025-61598 | Discourse is missing Cache-Control response header on error responses — discourse | 5.3 (AI) | Medium (AI) | 2025-10-28 |
| CVE-2025-9901 | Libsoup: improper handling of http vary header in libsoup caching — Red Hat Enterprise Linux 10 | 5.9 | Medium | 2025-09-03 |
| CVE-2025-57752 | Next.js Affected by Cache Key Confusion for Image Optimization API Routes — next.js | 6.2 | Medium | 2025-08-29 |
| CVE-2025-5141 | Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache — Core Privileged Access Manager (BoKS) | 5.5 | Medium | 2025-06-17 |
| CVE-2025-4233 | Prisma Access Browser: Inappropriate implementation in Cache — Prisma Access Browser | 7.5 (AI) | High (AI) | 2025-06-12 |
| CVE-2023-37517 | HCL Domino Volt and Domino Leap are affected by missing "no cache" headers — HCL Domino Leap | 3.2 | Low | 2025-04-30 |
| CVE-2023-37516 | HCL Leap is affected by missing "no cache" headers — HCL Leap | 3.2 | Low | 2025-04-24 |
| CVE-2024-30127 | HCL Leap is affected by missing "no cache" headers — HCL Leap | 3.2 | Low | 2025-04-24 |
| CVE-2024-12314 | Rapid Cache <= 1.2.3 - Unauthenticated Cache Poisoning — Rapid Cache | 7.2 | High | 2025-02-18 |
| CVE-2024-49580 | JetBrains Ktor framework security vulnerability — Ktor | 5.3 | Medium | 2024-10-17 |
| CVE-2024-45596 | Directus's session is cached for OpenID and OAuth2 if `redirect` is not used — directus | 7.4 | High | 2024-09-10 |
| CVE-2024-41906 | Siemens SINEC Traffic Analyzer security vulnerability — SINEC Traffic Analyzer | 4.8 | Medium | 2024-08-13 |
| CVE-2024-33004 | Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices) — SAP BusinessObjects Business Intelligence Platform (Webservices) | 4.3 | Medium | 2024-05-14 |
| CVE-2024-0874 | Coredns: cd bit response is cached and served later | 5.3 | Medium | 2024-04-25 |
| CVE-2024-27917 | Shopware's session is persistent in Cache for 404 pages — shopware | 7.5 | High | 2024-03-06 |
| CVE-2023-37486 | Information Disclosure vulnerability in SAP Commerce (OCC API) — SAP Commerce (OCC API) | 5.9 | Medium | 2023-08-08 |
| CVE-2022-3292 | Use of Cache Containing Sensitive Information in ikus060/rdiffweb — ikus060/rdiffweb | 6.5 | - | 2022-09-28 |
| CVE-2021-24027 | Facebook WhatsApp security vulnerability — WhatsApp Business for Android | 7.5 | - | 2021-04-06 |
| CVE-2019-14997 | Atlassian Jira security vulnerability — Jira | 4.3 | - | 2019-09-11 |
| CVE-2019-11244 | kubectl creates world-writeable cached schema files — Kubernetes | 5.5 | - | 2019-04-22 |
| CVE-2019-9495 | The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns — hostapd with EAP-pwd support | 5.9 | - | 2019-04-17 |

Vulnerabilities classified as CWE-524 (Information Exposure Through Caching) represent 30 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.