{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "c6e384908c9c6127d18831d16ab0bd96e1231867"
            }
          ],
          "repo": "https://github.com/jshttp/on-headers",
          "type": "GIT"
        }
      ]
    }
  ],
  "aliases": [
    "GHSA-76c9-3jph-rj3q"
  ],
  "details": "on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `\u003c1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issue can be worked around by passing an object to `response.writeHead()` rather than an array.",
  "id": "CVE-2025-7339",
  "modified": "2026-03-15T21:48:12.514654082Z",
  "published": "2025-07-17T16:15:35.403Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/expressjs/morgan/issues/315"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/jshttp/on-headers/issues/15"
    },
    {
      "type": "FIX",
      "url": "https://github.com/jshttp/on-headers/commit/c6e384908c9c6127d18831d16ab0bd96e1231867"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}