PT-2024-40272 · Ibexa+1 · Ibexa/Http-Cache+1

Published: 2024-12-02 · Updated: 2024-12-02

Severity: None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: ibexa/http-cache (affected versions not specified)
Description: The issue is related to the BREACH vulnerability, which affects HTTP compression and can allow secrets to be extracted from compressed responses through carefully crafted requests. The package is affected because its included Varnish VCL templates enable compression of API and JSON messages. To mitigate this, it is recommended to disable compression in these templates and check web server configurations.
Recommendations: Disable HTTP compression for REST API requests and other communication that might contain secrets. If you use your own copies of the VCL templates, make the same change in those configuration files, following the specific instructions in the release notes. Check your web server configuration to ensure HTTP compression is disabled for sensitive data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
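One way to verify the recommendation above is to audit captured response headers and flag any API or JSON response that is still served compressed. This is an added example, not code from the advisory or from Ibexa; the sample responses, the `application/vnd.example.api` media type and the list of markers treated as sensitive are assumptions made for illustration.

```python
# Added example: flag compressed responses on media types that may carry secrets.
from email.parser import Parser

# Assumption: which media types "might contain secrets" is site-specific.
SENSITIVE_MARKERS = ("json", "application/vnd.")
COMPRESSING = {"gzip", "x-gzip", "deflate", "br", "zstd", "compress"}

def parse_headers(raw):
    """Split a raw header block into (status line, case-insensitive headers)."""
    status, _, rest = raw.strip().partition("\n")
    headers = Parser().parsestr(rest.replace("\r\n", "\n"), headersonly=True)
    return status.strip(), headers

def encodings(headers):
    """Every coding named in any Content-Encoding header, lowercased."""
    found = []
    for value in headers.get_all("Content-Encoding", []):
        found += [c.strip().lower() for c in value.split(",") if c.strip()]
    return found

def audit(raw):
    """Return a finding if a sensitive response is compressed, else None."""
    status, headers = parse_headers(raw)
    ctype = (headers.get("Content-Type") or "").split(";")[0].strip().lower()
    used = [c for c in encodings(headers) if c in COMPRESSING]
    if not used:
        return None  # no encoding, or only "identity"
    # A missing Content-Type is flagged too: it cannot be shown to be harmless.
    if ctype == "" or any(marker in ctype for marker in SENSITIVE_MARKERS):
        return f"{status}: {ctype or '<no content-type>'} compressed with {'+'.join(used)}"
    return None

# Constructed sample responses (headers only), not captured from a real site.
SAMPLES = {
    "rest_api": "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.example.api.Content+json\r\n"
                "Content-Encoding: gzip\r\nVary: Accept-Encoding\r\n",
    "static_css": "HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: br\r\n",
    "json_identity": "HTTP/1.1 200 OK\r\ncontent-type: application/json; charset=utf-8\r\n"
                     "content-encoding: identity\r\n",
    "json_stacked": "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n"
                    "Content-Encoding: deflate, gzip\r\n",
}

def audit_all(samples):
    """Map each sample name to its finding (None means nothing to fix)."""
    return {name: audit(raw) for name, raw in samples.items()}

if __name__ == "__main__":
    for name, finding in audit_all(SAMPLES).items():
        print(f"{name}: {finding or 'ok'}")
```

Run it against headers captured at the client-facing edge, requested with an `Accept-Encoding` header, since compression can be applied by the cache layer as well as by the origin web server.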

Related Identifiers

GHSA-FH7V-Q458-7VMW

Affected Products

Varnish
Ibexa/Http-Cache