Amazon Linux 2022 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2022-2022-013)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-013 advisory. An HTTP Request Smuggling HRS vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations a...