CVE-2022-25881
Published
CVSS v3
5.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.
RFC 7234 in JavaScript. Parses HTTP headers to correctly compute cacheability of responses, even in complex cases
GitHub