Skip to main content

Use of Cache Containing Sensitive Information

CVE-2022-3292

Severity Medium
Score 4.6/10

Summary

Use of Cache Containing Sensitive Information in rdiffweb prior to 2.4.9.

  • LOW
  • PHYSICAL
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

CWE-524 - Use of Cache Containing Sensitive Information

The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.

Advisory Timeline

  • Published