You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 7339
About this tag
CVE-2025-7339 is a vulnerability in the open-source Node.js middleware library on-headers, which can cause unintended modifications to HTTP response headers when an array is passed to response.writeHead(). Microsoft's advisory for this CVE specifically identifies Azure Linux as a confirmed affected product, but notes that the mapping may be updated if other Microsoft products are found to include the same library. This has raised operational questions for enterprise defenders about whether additional Microsoft products are impacted. The tag covers discussions around the scope of this vulnerability, particularly regarding Azure Linux and potential broader implications for Microsoft's ecosystem.
The open-source Node.js middleware library on-headers was assigned CVE-2025-7339 after a bug was found that can cause unintended modifications to HTTP response headers when an array is passed to response.writeHead(). Microsoft’s public advisory for the CVE calls out the Azure Linux distribution...