CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25881

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.5%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2022-25881

Http-Cache-Semantics Project » Http-Cache-Semantics » Version: N/A

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:-
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.2.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.2.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.3.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.3.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.3.1

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.3.1
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.3.2

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.3.2
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.3.3

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.3.3
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.4.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.4.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.5.1

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.5.1
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.6.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.6.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.7.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.7.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.7.1

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.7.1
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.7.3

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.7.3
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.8.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.8.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 3.8.1

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:3.8.1
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 4.0.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.0.0
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 4.0.2

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.0.2
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 4.0.3

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.0.3
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 4.0.4

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.0.4
Http-Cache-Semantics Project » Http-Cache-Semantics » Version: 4.1.0

cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25881

Products

Pricing

Contact Us