TOMP Bare Server implements the TompHTTP bare server. A vulnerability in versions prior to 2.0.2 relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially affect any system where this package is in use. The problem has been patched in version 2.0.2. As of time of publication, no specific workaround strategies have been disclosed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-06T20:33:57.922Z
Updated: 2024-08-02T19:51:32.534Z
Reserved: 2024-02-28T15:14:14.214Z
Link: CVE-2024-27922
Vulnrichment
Updated: 2024-08-02T00:41:56.021Z
NVD
Status : Awaiting Analysis
Published: 2024-03-21T02:52:21.083
Modified: 2024-11-21T09:05:25.837
Link: CVE-2024-27922
Redhat
No data.