VYPR
Moderate severityNVD Advisory· Published Nov 8, 2020· Updated Sep 17, 2024

Web Cache Poisoning

CVE-2020-7764

Description

This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. It accepts the Accept-Version' header by default, and if versioned routes are not being used, this could lead to a denial of service. Accept-Version can be used as an unkeyed header in a cache poisoning attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
find-my-waynpm
< 2.2.52.2.5
find-my-waynpm
>= 3.0.0, < 3.0.53.0.5

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.