Use of Cache Containing Sensitive Information
CVE-2022-3292
Summary
Use of Cache Containing Sensitive Information in rdiffweb prior to 2.4.9.
- LOW
- PHYSICAL
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-524 - Use of Cache Containing Sensitive Information
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.
References
Advisory Timeline
- Published