stefanjudis/is-http2

Releases5

Frequency2 months 3 weeks

Last Release over 9 years ago

Stars14

Module to check for http/2 support

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25906 ↗	Feb 1, 2023Wednesday, 1 February 2023, 05:15	7.4 HIGH	—
All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function.