Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1652)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : http-parser Vulnerability (NS-SA-2020-0029)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has http-parser packages installed that are affected by a vulnerability: - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed CVE-2019-15605 Note that Nessus h...

Amazon Linux 2 : http-parser (ALAS-2020-1417)

The version of http-parser installed on the remote host is prior to 2.7.1-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1417 advisory. HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed...

Important: http-parser

Issue Overview: HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed CVE-2019-15605 Affected Packages: http-parser Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

http-parser bug fix and enhancement update

An update is available for http-parser. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

http-parser bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Amazon Linux AMI : http-parser (ALAS-2020-1359)

The version of http-parser installed on the remote host is prior to 2.9.3-1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1359 advisory. A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to...

Important: http-parser

Issue Overview: A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.j...

Important: Red Hat Security Advisory: http-parser security update

An update for http-parser is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 7 : http-parser (RHSA-2020:1510)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1510 advisory. The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in...

Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1486)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : http-parser (EulerOS-SA-2020-1486)

According to the versions of the http-parser package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By usin...

Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1198)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : http-parser (EulerOS-SA-2020-1198)

According to the versions of the http-parser package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP...

Oracle Linux 8 : http-parser (ELSA-2020-0708)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-0708 advisory. - Do not break ABI with CVE-2019-15605 fix Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 7 : http-parser (ELSA-2020-0703)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0703 advisory. - Do not break ABI with CVE-2019-15605 fix Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

MGASA-2020-0131 Updated http-parser packages fix security vulnerability

http-parser has been updated to fix a security issue. HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed VE-2019-15605...

Updated http-parser packages fix security vulnerability

http-parser has been updated to fix a security issue. HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed VE-2019-15605...

RHEL 8 : http-parser (RHSA-2020:0707)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0707 advisory. The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in...

Scientific Linux Security Update : http-parser on SL7.x x86_64 (20200304)

Security Fixes : - nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15605 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid134273; scriptversion"1.3";...