CVSS 3.1 Score 9.8 of 10 (high)


Published Mar 21, 2024
CWE ID 444


CVE-2024-27922 affects TOMP Bare Server versions prior to 2.0.2 and stems from insecure handling of HTTP requests by the @tomphttp/bare-server-node package. Users of the package are exposed to potential manipulation of their web traffic. The impact may vary depending on how the package is used, but any system where it is in use can potentially be affected. The issue is patched in version 2.0.2; no specific workaround strategies have been disclosed at this time. The vulnerability has a base severity rating of CRITICAL with a base score of 9.8, indicating a high potential danger to organizations using the affected product.
