2 matches found
HTTP Response Splitting
Overview Affected versions of this package are vulnerable to HTTP Response Splitting in the llhttp component. An attacker can manipulate HTTP response headers by injecting null bytes or control characters, causing headers to be interpreted differently by various components, which may lead to...
The vulnerability of the LLHTTP component in the NodeJS object manipulation software, which allows attackers to enhance their privileges.
The vulnerability of the LLHTTP component in the NodeJS object manipulation software lies in inconsistencies during the interpretation of HTTP request headers. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...