Joyent · Http-Signature · CVE-2017-16005
Name of the Vulnerable Software and Affected Versions:
http-signature versions <=0.9.11
Description:
The issue allows an attacker in a privileged network position (one who can modify the request in transit) to rename headers and thereby change the meaning of a signed request without producing a new signature. Vulnerable versions of http-signature build the signing string from the header values only; the header names are not covered by the signature. An attacker who intercepts a request can therefore swap two header names, such as `X-Payment-Source` and `X-Payment-Destination`, and the original signature still verifies, because the signed values are unchanged even though they now belong to different headers. The signature algorithm and key are not broken; the verified request simply no longer proves which value belonged to which header.
Recommendations:
Update to version 0.10.0 or higher, which includes the header names in the signing string. As a temporary workaround, restrict access to sensitive endpoints, such as `/pay`, to minimize the risk of exploitation, and do not treat an `Authorization` signature produced or verified by a vulnerable version of http-signature as proof that the request headers have not been tampered with until the upgrade is in place.