Lucene search
K

11 matches found

Amazon
Amazon
added 2026/04/13 12:0 a.m.9 views

Important: nodejs20

Issue Overview: A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called ...

7.5CVSS7.1AI score0.26356EPSS
Exploits0
OSV
OSV
added 2026/04/06 7:58 a.m.2 views

BIT-NODE-MIN-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7.2AI score0.26356EPSS
Exploits0References17
EUVD
EUVD
added 2026/03/30 9:31 p.m.4 views

EUVD-2026-17170

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7AI score0.26356EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 8:16 p.m.3 views

ALPINE-CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS5.8AI score0.26356EPSS
Exploits0References1
NVD
NVD
added 2026/03/30 8:16 p.m.4 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS0.26356EPSS
Exploits0References16
OSV
OSV
added 2026/03/30 8:16 p.m.6 views

UBUNTU-CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7.3AI score0.26356EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/30 7:7 p.m.3 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7AI score0.26356EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/30 7:7 p.m.150 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS0.26356EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/03/30 7:7 p.m.3 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7.8AI score0.26356EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/03/30 7:7 p.m.1 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7AI score0.26356EPSS
Exploits0
CVE
CVE
added 2026/03/30 7:7 p.m.35 views

CVE-2026-21710

Summary: CVE-2026-21710 is a denial-of-service-type issue in Node.js HTTP request handling triggered by a header named __proto__ accessed via req.headersDistinct, which can cause an uncaught TypeError and crash the process when dest["proto "] resolves to Object.prototype and .push() is called on ...

7.5CVSS6.7AI score0.26356EPSS
Exploits0References16
Rows per page
Query Builder