Node.js.ReDoS.http-cache-semantics

description-logoDescription

This indicates an attack attempt to exploit a ReDoS (regular expression denial of service).
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

affected-products-logoAffected Products

package http-cache-semantics before 4.1.1

Impact logoImpact

ReDoS: Remote attackers can cause ReDoS (regular expression denial of service).

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.

Version Updates

Date Version Detail
2023-05-16 0.00348

CVE References

CVE-2022-25881