Описание
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
Ссылки
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
The llhttp parser in the http module in Node v18.7.0 does not correctl ...
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
EPSS
6.5 Medium
CVSS3