Описание
ELSA-2020-0708: http-parser security update (IMPORTANT)
[2.8.0-5.2]
- Do not break ABI with CVE-2019-15605 fix
[2.8.0-5.1]
- Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request smuggling using malformed Transfer-Encoding header
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
http-parser
2.8.0-5.el8_1.2
Oracle Linux x86_64
http-parser
2.8.0-5.el8_1.2
Связанные CVE
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 5 лет назад
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVSS3: 7.1
redhat
больше 5 лет назад
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVSS3: 9.8
nvd
больше 5 лет назад
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVSS3: 9.8
debian
больше 5 лет назад
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...
CVSS3: 9.8
github
около 3 лет назад
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed