VYPR
High severityNVD Advisory· Published Jan 31, 2023· Updated Mar 27, 2025

CVE-2022-25881

CVE-2022-25881

Description

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
http-cache-semanticsnpm
< 4.1.14.1.1
org.webjars.npm:http-cache-semanticsMaven
< 4.1.14.1.1

Affected products

67

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.