Wind River Support Network

HomeDefectsLIN1022-4991
Fixed

LIN1022-4991 : Security Advisory - nodejs - CVE-2022-25881

Created: Aug 8, 2023    Updated: Nov 23, 2024
Resolved Date: Aug 8, 2023
Found In Version: 10.22.33.1
Fix Version: 10.22.33.11(hotfix)
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.


CREATE(Triage):(User=admin) CVE-2022-25881 (https://nvd.nist.gov/vuln/detail/CVE-2022-25881)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube