-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability stems from improper cache control headers on authentication-related redirect responses. The primary suspect is response handling logic that determines caching behavior (VclPlugin::afterRenderResult) and VCL generation logic (Config::getVclSnippets). These components would directly influence whether authentication redirects are cached. The high confidence in VclPlugin stems from Magento's typical response modification patterns, while VCL generation gets medium confidence due to inherent CDN configuration linkage.
PHPPHP| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| fastly/magento2 | composer | < 1.2.26 | 1.2.26 |
Ongoing coverage of React2Shell