Jshttp On-Headers vulnerabilities

1 known vulnerability affecting jshttp/on-headers.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

LOW1

Vulnerabilities

Page 1 of 1

CVE-2025-7339LOWCVSS 3.4fixed in 1.1.02025-07-17

CVE-2025-7339 [LOW] CWE-241 CVE-2025-7339: on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-head on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issu