PT-2021-24377 · Unknown · Stripe-Webhook

Published: 2021-05-28 · Updated: 2021-05-28

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: stripe-webhook versions prior to 1.1.4
Description: The issue affects users who verify Stripe webhook requests using the constructEvent function. There is no information about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.
Recommendations: For versions prior to 1.1.4, upgrade to version 1.1.4. As a temporary workaround, consider using await verifyHeader(...) directly instead of constructEvent until the issue is resolved.

Related Identifiers

GHSA-4G53-VP7Q-GFJV

Affected Products

Stripe-Webhook