MidnightBSD

Advisories for http-cache-semantics_project

CVE-2022-25881

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

Products Affected

Vendor Product Version
http-cache-semantics_project http-cache-semantics *