CWE-524
AllowedUse of Cache Containing Sensitive Information
Abstraction: Base · Status: Incomplete
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.
94 vulnerabilities reference this CWE, most recent first.
GHSA-HVXF-R5RG-WQF7
Vulnerability from github – Published: 2025-05-01 00:32 – Updated: 2025-05-01 00:32Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
{
"affected": [],
"aliases": [
"CVE-2023-37517"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-30T22:15:15Z",
"severity": "LOW"
},
"details": "Missing \"no cache\" headers in HCL Leap permits sensitive data to be cached.",
"id": "GHSA-hvxf-r5rg-wqf7",
"modified": "2025-05-01T00:32:29Z",
"published": "2025-05-01T00:32:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37517"
},
{
"type": "WEB",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120722"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HXJP-2XF5-WMRJ
Vulnerability from github – Published: 2025-09-03 15:30 – Updated: 2026-05-06 18:30A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be incorrectly reused across different requests, potentially exposing sensitive user information. While the issue is unlikely to affect everyday desktop use, it could result in confidentiality breaches in proxy or multi-user environments.
{
"affected": [],
"aliases": [
"CVE-2025-9901"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-03T13:15:50Z",
"severity": "MODERATE"
},
"details": "A flaw was found in libsoup\u2019s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be incorrectly reused across different requests, potentially exposing sensitive user information. While the issue is unlikely to affect everyday desktop use, it could result in confidentiality breaches in proxy or multi-user environments.",
"id": "GHSA-hxjp-2xf5-wmrj",
"modified": "2026-05-06T18:30:23Z",
"published": "2025-09-03T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9901"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-9901"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392790"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/453"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J75R-XRR2-RGP6
Vulnerability from github – Published: 2024-02-10 03:30 – Updated: 2025-06-03 21:30Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. By default, this allows user entered data to be stored by the browser.
{
"affected": [],
"aliases": [
"CVE-2023-45696"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-10T03:15:07Z",
"severity": "MODERATE"
},
"details": "Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. By default, this allows user entered data to be stored by the browser.",
"id": "GHSA-j75r-xrr2-rgp6",
"modified": "2025-06-03T21:30:34Z",
"published": "2024-02-10T03:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45696"
},
{
"type": "WEB",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0109082"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M36G-FVPC-HVM4
Vulnerability from github – Published: 2026-01-16 21:30 – Updated: 2026-01-17 00:30An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to view confidential information. This leads to profiling, impersonation, targeted attacks, and significant privacy risks.
{
"affected": [],
"aliases": [
"CVE-2025-69581"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-16T20:15:49Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to view confidential information. This leads to profiling, impersonation, targeted attacks, and significant privacy risks.",
"id": "GHSA-m36g-fvpc-hvm4",
"modified": "2026-01-17T00:30:24Z",
"published": "2026-01-16T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69581"
},
{
"type": "WEB",
"url": "https://github.com/Rivek619/CVE-2025-69581"
},
{
"type": "WEB",
"url": "https://github.com/chamilo/chamilo-lms"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M52J-G5RM-PWW7
Vulnerability from github – Published: 2023-08-08 03:30 – Updated: 2024-09-29 00:30Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application.
{
"affected": [],
"aliases": [
"CVE-2023-37486"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-08T01:15:17Z",
"severity": "HIGH"
},
"details": "Under certain conditions\u00a0SAP Commerce\u00a0(OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application.\n\n",
"id": "GHSA-m52j-g5rm-pww7",
"modified": "2024-09-29T00:30:57Z",
"published": "2023-08-08T03:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37486"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3341934"
},
{
"type": "WEB",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M9W6-WP3H-VQ8G
Vulnerability from github – Published: 2024-04-25 18:30 – Updated: 2024-09-12 00:31A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.11.1"
},
"package": {
"ecosystem": "Go",
"name": "github.com/coredns/coredns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.11.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-0874"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-25T19:57:51Z",
"nvd_published_at": "2024-04-25T17:15:47Z",
"severity": "MODERATE"
},
"details": "A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.",
"id": "GHSA-m9w6-wp3h-vq8g",
"modified": "2024-09-12T00:31:22Z",
"published": "2024-04-25T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0874"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/issues/6186"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/pull/6354"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/commit/997c7f953962d47c242273f0e41398fdfb5b0151"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0041"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:4850"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:6009"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:6406"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-0874"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234"
},
{
"type": "PACKAGE",
"url": "https://github.com/coredns/coredns"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": " CoreDNS may return invalid cache entries"
}
GHSA-MCGQ-5C2Q-CHC3
Vulnerability from github – Published: 2025-11-04 03:30 – Updated: 2025-12-17 21:30The issue was addressed with improved handling of caches. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. A website may exfiltrate image data cross-origin.
{
"affected": [],
"aliases": [
"CVE-2025-43392"
],
"database_specific": {
"cwe_ids": [
"CWE-524",
"CWE-942"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-04T02:15:46Z",
"severity": "MODERATE"
},
"details": "The issue was addressed with improved handling of caches. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. A website may exfiltrate image data cross-origin.",
"id": "GHSA-mcgq-5c2q-chc3",
"modified": "2025-12-17T21:30:33Z",
"published": "2025-11-04T03:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43392"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125632"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125633"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125634"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125637"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125638"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125639"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125640"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MQ64-J8F9-9GCJ
Vulnerability from github – Published: 2026-06-09 06:31 – Updated: 2026-06-09 06:31Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources.
Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.
{
"affected": [],
"aliases": [
"CVE-2026-41841"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T05:16:36Z",
"severity": "MODERATE"
},
"details": "Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources.\n\nAffected versions:\nSpring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.",
"id": "GHSA-mq64-j8f9-9gcj",
"modified": "2026-06-09T06:31:57Z",
"published": "2026-06-09T06:31:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41841"
},
{
"type": "WEB",
"url": "https://spring.io/security/cve-2026-41841"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MVWP-XPR9-3MWJ
Vulnerability from github – Published: 2025-12-12 21:31 – Updated: 2025-12-17 21:30The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physical access may be able to view deleted notes.
{
"affected": [],
"aliases": [
"CVE-2025-43410"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-12T21:15:54Z",
"severity": "LOW"
},
"details": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physical access may be able to view deleted notes.",
"id": "GHSA-mvwp-xpr9-3mwj",
"modified": "2025-12-17T21:30:42Z",
"published": "2025-12-12T21:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43410"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125635"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125636"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125886"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P77W-8QQV-26RM
Vulnerability from github – Published: 2026-05-09 00:28 – Updated: 2026-05-14 20:35Summary
Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be served to subsequent requests from different users.
Details
The Cache Middleware skips caching when a response carries Vary: *, certain Cache-Control directives (private, no-store, no-cache), or Set-Cookie. However, Vary: Authorization and Vary: Cookie — the standard signals defined in RFC 9110 / RFC 9111 to indicate per-user responses — are not treated as cache-skip reasons.
This issue arises when applications use the Cache Middleware on endpoints that return user-specific data and rely on Vary: Authorization or Vary: Cookie to scope the response per user, without also setting Cache-Control: private.
Impact
A user may receive a cached response that was originally generated for a different authenticated user. This may lead to:
- Disclosure of personally identifiable information or other user-specific data present in the response body
- Inconsistent or incorrect behavior in user-specific endpoints
This issue affects applications that use the Cache Middleware on endpoints whose responses vary by Authorization or Cookie and that do not also set Cache-Control: private.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "hono"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.12.18"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44457"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-09T00:28:46Z",
"nvd_published_at": "2026-05-13T16:16:57Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nCache Middleware does not skip caching for responses that declare per-user variance via `Vary: Authorization` or `Vary: Cookie`. As a result, a response cached for one authenticated user may be served to subsequent requests from different users.\n\n### Details\n\nThe Cache Middleware skips caching when a response carries `Vary: *`, certain `Cache-Control` directives (`private`, `no-store`, `no-cache`), or `Set-Cookie`. However, `Vary: Authorization` and `Vary: Cookie` \u2014 the standard signals defined in RFC 9110 / RFC 9111 to indicate per-user responses \u2014 are not treated as cache-skip reasons.\n\nThis issue arises when applications use the Cache Middleware on endpoints that return user-specific data and rely on `Vary: Authorization` or `Vary: Cookie` to scope the response per user, without also setting `Cache-Control: private`.\n\n### Impact\n\nA user may receive a cached response that was originally generated for a different authenticated user. This may lead to:\n\n- Disclosure of personally identifiable information or other user-specific data present in the response body\n- Inconsistent or incorrect behavior in user-specific endpoints\n\nThis issue affects applications that use the Cache Middleware on endpoints whose responses vary by `Authorization` or `Cookie` and that do not also set `Cache-Control: private`.",
"id": "GHSA-p77w-8qqv-26rm",
"modified": "2026-05-14T20:35:40Z",
"published": "2026-05-09T00:28:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/honojs/hono/security/advisories/GHSA-p77w-8qqv-26rm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44457"
},
{
"type": "PACKAGE",
"url": "https://github.com/honojs/hono"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Hono\u0027s Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage"
}
Mitigation
Protect information stored in cache.
Mitigation
Do not store unnecessarily sensitive information in the cache.
Mitigation
Consider using encryption in the cache.
CAPEC-204: Lifting Sensitive Data Embedded in Cache
An adversary examines a target application's cache, or a browser cache, for sensitive information. Many applications that communicate with remote entities or which perform intensive calculations utilize caches to improve efficiency. However, if the application computes or receives sensitive information and the cache is not appropriately protected, an attacker can browse the cache and retrieve this information. This can result in the disclosure of sensitive information.