CVE Vulnerabilities

CVE-2024-30127

Use of Cache Containing Sensitive Information

Published: Apr 24, 2025 | Modified: Apr 24, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Missing no cache headers in HCL Leap permits sensitive data to be cached.

Weakness

The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.

Potential Mitigations

References