PT-2024-40372 · Varnish+1

Published: 2024-12-02 · Updated: 2024-12-02

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

ezplatform-http-cache (affected versions not specified)

Description

The issue is related to the BREACH vulnerability, which affects HTTP compression and can allow secrets to be extracted through carefully crafted requests. The exposure comes from the included Varnish VCL templates, which enable compression of API and JSON messages. To mitigate this, it is recommended to disable compression in these templates and check web server configurations.

Recommendations

Disable HTTP compression for REST API requests and other communication that might contain secrets. Apply the same change to your own configuration files, following the specific instructions in the release notes. Check your web server configuration to ensure HTTP compression is disabled for sensitive communications.
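One way to verify the recommendation after changing the configuration is to audit response headers for API traffic. The following is an added example, not code from the advisory or from ezplatform-http-cache; the set of media types treated as sensitive, the paths and the sample response heads are assumptions constructed for illustration.

```python
import re

# Assumption: JSON/XML API media types are the ones treated as sensitive here.
SENSITIVE = re.compile(r"^application/(?:[\w.-]+\+)?(?:json|xml)$", re.I)
COMPRESSED = {"gzip", "x-gzip", "deflate", "br", "zstd", "compress"}

def parse_head(raw):
    """Parse a raw HTTP response head into {lowercased name: [values]}."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:   # skip the status line
        if not line.strip():
            break                               # end of the header block
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def compression_finding(raw):
    """Return a finding string if a sensitive response is compressed, else None."""
    h = parse_head(raw)
    ctype = h.get("content-type", [""])[0].split(";")[0].strip()
    if not SENSITIVE.match(ctype):
        return None                             # not an API/JSON response
    codings = [c.strip().lower()
               for v in h.get("content-encoding", []) for c in v.split(",")]
    used = [c for c in codings if c in COMPRESSED]
    return f"{ctype} served with Content-Encoding: {', '.join(used)}" if used else None

# Constructed sample response heads (hypothetical paths, not real captures).
SAMPLES = {
    "/api/a": "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.example.v1+json; charset=utf-8\r\n"
              "Content-Encoding: gzip\r\nVary: Accept-Encoding\r\n\r\n",
    "/api/b": "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n",
    "/api/c": "HTTP/1.1 200 OK\r\ncontent-type: application/json\r\ncontent-encoding: br\r\n\r\n",
    "/css/d": "HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\n\r\n",
}

def audit(samples):
    """Map each path to its finding, keeping only responses that need attention."""
    results = {path: compression_finding(raw) for path, raw in samples.items()}
    return {path: f for path, f in results.items() if f}

if __name__ == "__main__":
    for path, finding in audit(SAMPLES).items():
        print(f"FINDING {path}: {finding}")
```

Feed it response heads collected with `Accept-Encoding: gzip, br` set on the request, at both the cache layer and the origin web server, since either can apply compression.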

Related Identifiers

GHSA-MGFG-7533-7JF6

Affected Products

Varnish
Ezplatform-Http-Cache