Lucene search
OracleLinuxELSA-2020-0703HistoryMar 06, 2020 - 12:00 a.m.
http-parser security update
2020-03-0600:00:00
linux.oracle.com
47
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
[2.7.1-8.2]
- Do not break ABI with CVE-2019-15605 fix
[2.7.1-8.1] - Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request
smuggling using malformed Transfer-Encoding header
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | http-parser | < 2.7.1-8.el7_7.2 | http-parser-2.7.1-8.el7_7.2.src.rpm |
| oracle linux | 7 | aarch64 | http-parser | < 2.7.1-8.el7_7.2 | http-parser-2.7.1-8.el7_7.2.aarch64.rpm |
| oracle linux | 7 | aarch64 | http-parser-devel | < 2.7.1-8.el7_7.2 | http-parser-devel-2.7.1-8.el7_7.2.aarch64.rpm |
| oracle linux | 7 | src | http-parser | < 2.7.1-8.el7_7.2 | http-parser-2.7.1-8.el7_7.2.src.rpm |
| oracle linux | 7 | i686 | http-parser | < 2.7.1-8.el7_7.2 | http-parser-2.7.1-8.el7_7.2.i686.rpm |
| oracle linux | 7 | x86_64 | http-parser | < 2.7.1-8.el7_7.2 | http-parser-2.7.1-8.el7_7.2.x86_64.rpm |
| oracle linux | 7 | i686 | http-parser-devel | < 2.7.1-8.el7_7.2 | http-parser-devel-2.7.1-8.el7_7.2.i686.rpm |
| oracle linux | 7 | x86_64 | http-parser-devel | < 2.7.1-8.el7_7.2 | http-parser-devel-2.7.1-8.el7_7.2.x86_64.rpm |
Related
nessus
nessus
RHEL 7 : http-parser (RHSA-2020:0703)
2020-03-06 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : http-parser Vulnerability (NS-SA-2020-0119)
2020-12-09 00:00:00
CentOS 7 : http-parser (CESA-2020:0703)
2020-03-06 00:00:00
openvas
openvas
CentOS: Security Advisory for http-parser (CESA-2020:0703)
2020-03-05 00:00:00
Fedora: Security Advisory for nghttp2 (FEDORA-2020-3838c8ea98)
2020-02-09 00:00:00
Mageia: Security Advisory (MGASA-2020-0131)
2022-01-28 00:00:00
mageia
mageia
Updated http-parser packages fix security vulnerability
2020-03-09 01:37:31
Updated nodejs packages fix security vulnerabilities
2020-09-27 23:06:37
hackerone
hackerone
Node.js: HTTP request smuggling using malformed Transfer-Encoding header
2019-11-12 01:11:47
oraclelinux
oraclelinux
http-parser security update
2020-03-06 00:00:00
nodejs:12 security update
2020-02-26 00:00:00
nodejs:10 security update
2020-02-26 00:00:00
osv
osv
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
2023-05-18 17:29:43
CVE-2019-15605
2020-02-07 15:15:11
Important: nodejs:12 security update
2020-02-25 13:06:23
amazon
amazon
Important: http-parser
2020-05-05 01:12:00
Important: http-parser
2020-04-20 19:21:00
fedora
fedora
[SECURITY] Fedora 31 Update: nodejs-12.15.0-1.fc31
2020-02-09 01:33:56
[SECURITY] Fedora 31 Update: nghttp2-1.40.0-1.fc31
2020-02-09 01:33:56
[SECURITY] Fedora 30 Update: libuv-1.34.2-1.fc30
2020-02-23 01:09:35
github
github
prion
prion
Design/Logic Flaw
2020-02-07 15:15:00
ubuntucve
ubuntucve
CVE-2019-15605
2020-02-07 00:00:00
redhat
redhat
(RHSA-2020:0708) Important: http-parser security update
2020-03-04 17:01:56
(RHSA-2020:0707) Important: http-parser security update
2020-03-04 17:01:00
(RHSA-2020:0703) Important: http-parser security update
2020-03-04 11:36:06
cve
cve
CVE-2019-15605
2020-02-07 15:15:00
alpinelinux
alpinelinux
CVE-2019-15605
2020-02-07 15:15:00
centos
centos
http security update
2020-03-04 21:38:41
cloudfoundry
cloudfoundry
CVE-2019-15605: Node.js is vulnerable to request smuggling | Cloud Foundry
2020-03-09 00:00:00
debiancve
debiancve
CVE-2019-15605
2020-02-07 15:15:00
veracode
veracode
HTTP Request Smuggling
2020-02-10 08:28:35
redhatcve
redhatcve
CVE-2019-15605
2020-04-06 04:56:12
ibm
ibm
photon
photon
Critical Photon OS Security Update - PHSA-2020-0060
2020-02-23 00:00:00
Critical Photon OS Security Update - PHSA-2020-3.0-0060
2020-02-23 00:00:00
suse
suse
Security update for nodejs8 (important)
2020-03-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package node version 13.8.0-alt1
2020-02-11 00:00:00
Security fix for the ALT Linux 10 package node version 13.8.0-alt1
2020-02-11 00:00:00
almalinux
almalinux
Important: nodejs:12 security update
2020-02-25 13:06:23
Important: nodejs:10 security update
2020-02-25 07:57:02
rocky
rocky
nodejs:12 security update
2020-02-25 13:06:23
nodejs:10 security update
2020-02-25 07:57:02
nodejsblog
nodejsblog
February 2020 Security Releases
2020-02-06 00:00:00
freebsd
freebsd
Node.js -- multiple vulnerabilities
2020-02-06 00:00:00
debian
debian
[SECURITY] [DSA 4669-1] nodejs security update
2020-04-29 21:05:57
ubuntu
ubuntu
Node.js vulnerabilities
2023-09-19 00:00:00
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for ELSA-2020-0703