PT-2024-22139 · Unknown+1 · Tomp Bare Server+1

Hackermondev · Published 2024-03-05 · Updated 2026-01-02 · CVE-2024-27922

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TOMP Bare Server versions prior to 2.0.2

Description

A vulnerability in TOMP Bare Server relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially affect any system where this package is in use.

Recommendations

For versions prior to 2.0.2, upgrade to version 2.0.2 as soon as possible to patch the vulnerability. As a temporary measure, consider restricting the use of the @tomphttp/bare-server-node package until the upgrade is applied.

Exploit

Fix

HTTP Request/Response Smuggling

Weakness Enumeration

Related Identifiers

CVE-2024-27922
GHSA-86FC-F9GR-V533

Affected Products

@Tomphttp/Bare-Server-Node
Tomp Bare Server