CVE-2022-25881

Description

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

Related CPE's

Could not find any relations

References

https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783

https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83

https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io