CVE-2025-55152
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-55152
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-55152.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-55152
- Aliases
- Published
- 2025-08-09T02:15:38Z
- Modified
- 2025-08-11T21:03:59.215303Z
- Summary
- [none]
- Details
-
oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. In versions 17.1.5 and below, it's possible to significantly slow down an oak server with specially crafted values of the x-forwarded-proto or x-forwarded-for headers.
- References
Affected packages
Git / github.com/oakserver/oak
Affected ranges
- Type
- GIT
- Repo
- https://github.com/oakserver/oak
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
13.*
13.2.4
14.*
14.2.0
v1.*
v1.0.0
v10.*
v10.0.0
v10.1.0
v10.1.1
v10.2.0
v10.2.1
v10.3.0
v10.4.0
v10.5.0
v10.5.1
v10.6.0
v11.*
v11.0.0
v11.1.0
v12.*
v12.0.0
v12.0.1
v12.1.0
v12.2.0
v12.3.0
v12.3.1
v12.4.0
v12.5.0
v12.6.0
v12.6.1
v12.6.2
v13.*
v13.0.0
v13.0.1
v13.1.0
v13.2.0
v13.2.1
v13.2.2
v13.2.3
v13.2.5
v14.*
v14.0.0
v14.1.0
v14.1.1
v15.*
v15.0.0
v16.*
v16.0.0
v16.1.0
v17.*
v17.0.0
v17.1.0
v17.1.1
v17.1.2
v17.1.3
v17.1.4
v17.1.5
v2.*
v2.0.0
v2.1.0
v2.10.0
v2.2.0
v2.3.0
v2.4.0
v2.5.0
v2.6.0
v2.7.0
v2.8.0
v2.9.0
v3.*
v3.0.0
v3.1.0
v3.2.0
v3.3.0
v3.4.0
v3.5.0
v3.6.0
v3.7.0
v4.*
v4.0.0
v5.*
v5.0.0
v5.1.0
v5.1.1
v5.2.0
v5.3.0
v5.3.1
v5.4.0
v6.*
v6.0.0
v6.0.1
v6.0.2
v6.1.0
v6.2.0
v6.3.0
v6.3.1
v6.3.2
v6.4.0
v6.4.1
v6.4.2
v6.5.0
v6.5.1
v7.*
v7.0.0
v7.1.0
v7.2.0
v7.3.0
v7.4.0
v7.4.1
v7.5.0
v7.6.0
v7.6.1
v7.6.2
v7.6.3
v7.7.0
v8.*
v8.0.0
v9.*
v9.0.0
v9.0.1