13 matches found
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in on-headers-1.0.2.tgz
Summary Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in on-headers-1.0.2.tgz Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses on-headers-1.0.2.tgz which is vulnerable to CVE-2025-7339.
Summary IBM Maximo Application Suite - Monitor Component uses on-headers-1.0.2.tgz which is vulnerable to CVE-2025-7339. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when...
Security Bulletin: Vulnerability in node.js affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in node.js has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...
Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service.
Summary The CVE may result in headers being modified in internal NodeJS traffic which could lead to a denial of service. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 ma...
Security Bulletin: IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers
Summary IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers. It has a bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead Vulnerability Detail...
CVE-2025-7339 vulnerabilities
Vulnerabilities for packages: thingsboard, serve, tileserver-gl, json-server, code-server, sqlpad, kubeflow-centraldashboard, vitess, argo-workflows...
CVE-2025-7339 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, tileserver-gl, argo-workflows, json-server, tileserver-gl-fips, vitess, thingsboard, code-server, serve, gitlab-rails-ce, sqlpad, kubeflow-centraldashboard...
org.webjars.npm:compression (>=1.5.2 <=1.7.4), org.webjars.npm:express-session (>=1.15.6 <=1.17.1) +1 more potentially affected by CVE-2025-7339 via org.webjars.npm:on-headers (=1.0.2)
org.webjars.npm:on-headers MAVEN version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:on-headers and may be impacted: - org.webjars.npm:compression =1.5.2, =1.15.6, =1.9.0, =1.9.1 Source cves: CVE-2025-7339 Source advisory:...
CVE-2025-7339
creationtimestamp| type| source ---|---|--- 2025-07-17 16:28:35+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3lu6e23gvwc2w...
CVE-2025-7339
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...
CVE-2025-7339
CVE-2025-7339 describes a vulnerability in the on-headers Node.js middleware where a bug in versions < 1.1.0 may cause response headers to be modified when an array is passed to response.writeHead(). The issue is patched in 1.1.0; users are urged to upgrade. A workaround is to pass an object t...
CVE-2025-7339 on-headers vulnerable to http response header manipulation
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...
CVE-2025-7339 on-headers vulnerable to http response header manipulation
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...