CVE-2022-35256

Опубликовано: 09 дек. 2022

Источник: msrc

CVSS3: 6.5

EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 87%

0.03548

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-35256

CVSS3: 6.5

ubuntu

больше 2 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

redhat

больше 2 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

nvd

больше 2 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

debian

больше 2 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctl ...

GHSA-rc2m-q589-vpqx

CVSS3: 9.8

github

больше 2 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

EPSS

Процентиль: 87%

0.03548

Низкий

6.5 Medium

CVSS3