Описание
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions <1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead(). Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to 1.1.0, but this issue can be worked around by passing an object to response.writeHead() rather than an array.
Ссылки
EPSS
3.4 Low
CVSS3
Дефекты
Связанные уязвимости
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issue can be worked around by passing an object to `response.writeHead()` rather than an array.
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issue can be worked around by passing an object to `response.writeHead()` rather than an array.
on-headers is a node.js middleware for listening to when a response wr ...
on-headers is vulnerable to http response header manipulation
EPSS
3.4 Low
CVSS3