Executive Summary

Informations
Name CVE-2025-7339 First vendor Publication 2025-07-17
Vendor Cve Last vendor Modification 2025-07-17

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issue can be worked around by passing an object to `response.writeHead()` rather than an array.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7339

Sources (Detail)

https://cna.openjsf.org/security-advisories.html
https://github.com/expressjs/morgan/issues/315
https://github.com/jshttp/on-headers/commit/c6e384908c9c6127d18831d16ab0bd96e...
https://github.com/jshttp/on-headers/issues/15
https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2025-07-19 02:39:05
  • Multiple Updates
2025-07-19 02:39:02
  • Multiple Updates
2025-07-18 17:20:34
  • Multiple Updates
2025-07-17 21:20:33
  • First insertion