Lucene search
K

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/04 10:29 p.m.8 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in on-headers-1.0.2.tgz

Summary Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in on-headers-1.0.2.tgz Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in...

3.4CVSS6.4AI score0.00174EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 1:46 p.m.5 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses on-headers-1.0.2.tgz which is vulnerable to CVE-2025-7339.

Summary IBM Maximo Application Suite - Monitor Component uses on-headers-1.0.2.tgz which is vulnerable to CVE-2025-7339. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when...

3.4CVSS6.1AI score0.00174EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 7:26 a.m.7 views

Security Bulletin: Vulnerability in node.js affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in node.js has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

3.4CVSS6.3AI score0.00174EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/20 2:31 p.m.7 views

Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service.

Summary The CVE may result in headers being modified in internal NodeJS traffic which could lead to a denial of service. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 ma...

3.4CVSS6.5AI score0.00174EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/17 5:39 p.m.5 views

Security Bulletin: IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers

Summary IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers. It has a bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead Vulnerability Detail...

3.4CVSS8.9AI score0.00174EPSS
Exploits0Affected Software1
Wolfi
Wolfi
added 2025/07/19 7:47 a.m.9 views

CVE-2025-7339 vulnerabilities

Vulnerabilities for packages: thingsboard, serve, tileserver-gl, json-server, code-server, sqlpad, kubeflow-centraldashboard, vitess, argo-workflows...

3.4CVSS6.6AI score0.00174EPSS
Exploits0
Chainguard
Chainguard
added 2025/07/19 7:17 a.m.7 views

CVE-2025-7339 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce-fips, tileserver-gl, argo-workflows, json-server, tileserver-gl-fips, vitess, thingsboard, code-server, serve, gitlab-rails-ce, sqlpad, kubeflow-centraldashboard...

3.4CVSS6.6AI score0.00174EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/17 4:41 p.m.5 views

org.webjars.npm:compression (>=1.5.2 <=1.7.4), org.webjars.npm:express-session (>=1.15.6 <=1.17.1) +1 more potentially affected by CVE-2025-7339 via org.webjars.npm:on-headers (=1.0.2)

org.webjars.npm:on-headers MAVEN version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:on-headers and may be impacted: - org.webjars.npm:compression =1.5.2, =1.15.6, =1.9.0, =1.9.1 Source cves: CVE-2025-7339 Source advisory:...

3.4CVSS6.5AI score0.00174EPSS
Exploits0
Circl
Circl
added 2025/07/17 4:28 p.m.8 views

CVE-2025-7339

creationtimestamp| type| source ---|---|--- 2025-07-17 16:28:35+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3lu6e23gvwc2w...

3.4CVSS5.9AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2025/07/17 4:15 p.m.5 views

CVE-2025-7339

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...

3.4CVSS0.00174EPSS
Exploits0References5
CVE
CVE
added 2025/07/17 3:47 p.m.131 views

CVE-2025-7339

CVE-2025-7339 describes a vulnerability in the on-headers Node.js middleware where a bug in versions &lt; 1.1.0 may cause response headers to be modified when an array is passed to response.writeHead(). The issue is patched in 1.1.0; users are urged to upgrade. A workaround is to pass an object t...

3.4CVSS6.5AI score0.00174EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/17 3:47 p.m.11 views

CVE-2025-7339 on-headers vulnerable to http response header manipulation

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...

3.4CVSS0.00174EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/17 3:47 p.m.16 views

CVE-2025-7339 on-headers vulnerable to http response header manipulation

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...

3.4CVSS6.3AI score0.00174EPSS
Exploits0References5
Rows per page
Query Builder