CVE-2024-27922
CVSS V2 None
CVSS V3 None
Description
TOMP Bare Server implements the TompHTTP bare server. A vulnerability in versions prior to 2.0.2 relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially affect any system where this package is in use. The problem has been patched in version 2.0.2. As of time of publication, no specific workaround strategies have been disclosed.
Overview
- CVE ID
- CVE-2024-27922
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-03-06T20:33:57.922Z
- Last Modified Date
- 2024-03-06T20:33:57.922Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/tomphttp/bare-server-node/security/advisories/GHSA-86fc-f9gr-v533 | x_refsource_CONFIRM |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-27922 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27922 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 01:37:31 | Added to TrackCVE |