find-my-way@1.10.0

Vulnerabilities

1 via 1 paths

Dependencies

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Web Cache Poisoning

  • Vulnerable module: find-my-way
  • Introduced through: find-my-way@1.10.0

Detailed paths

  • Introduced through: find-my-way@1.10.0
    Remediation: Upgrade to find-my-way@2.2.5.

Overview

Affected versions of this package are vulnerable to Web Cache Poisoning. It accepts the Accept-Version header by default, and if versioned routes are not being used, this could lead to a denial of service. Accept-Version can be used as an unkeyed header in a cache poisoning attack.

Remediation

Upgrade find-my-way to version 2.2.5, 3.0.5 or higher.

References