During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure.

Related CVEs

CVE-2019-0338

Key Information

GHSA ID

GHSA-rww3-gp24-435c

Published

May 24, 2022 4:53 PM

Last Modified

April 4, 2024 1:38 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 27, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.