GHSA-hq75-xg7r-rx6c: Better Call routing bug can lead to Cache Deception

July 11, 2025

Using a CDN that caches (/**/*.png, /**/*.json, /**/*.css, etc…) requests, a cache deception can emerge. This could lead to unauthorized access to user sessions and personal data when cached responses are served to other users.

References

github.com/Bekacru/better-call
github.com/Bekacru/better-call/commit/7c7d31b
github.com/Bekacru/better-call/security/advisories/GHSA-hq75-xg7r-rx6c
github.com/advisories/GHSA-hq75-xg7r-rx6c

Code Behaviors & Features

Detect and mitigate GHSA-hq75-xg7r-rx6c with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →