CVE-2022-35256

Опубликовано: 09 дек. 2022

Источник: msrc

CVSS3: 6.5

EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 89%

0.0458

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-35256

CVSS3: 6.5

ubuntu

почти 3 года назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

redhat

около 3 лет назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

nvd

почти 3 года назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-35256

CVSS3: 6.5

debian

почти 3 года назад

The llhttp parser in the http module in Node v18.7.0 does not correctl ...

GHSA-rc2m-q589-vpqx

CVSS3: 9.8

github

почти 3 года назад

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

EPSS

Процентиль: 89%

0.0458

Низкий

6.5 Medium

CVSS3