Hello,
Component: Node.js
Package: on-headers
Affected Version: 1.0.2
Used In: Node-RED 4.0.9
Impact:
- Exposure of Sensitive Information
- Manipulation of Data
Description:
The on-headers
package (version 1.0.2) used in the Node-red version 4.0.9 is known to have security vulnerabilities that could lead to data exposure or unintended data manipulation
References: