Security Advisory

CVE-2022-25906

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-01 05:00:02

Last updated 2025-03-26 20:22:01

Assigner snyk

State PUBLISHED

Description

All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function.

← Browse all CVEs View on cve.org ↗