Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1161 matches found

Github Security Blog
Github Security Blogadded 2022/07/15 12:0 a.m.29 views

llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding

The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS. Impacts: - All versions of the nodejs 18.x, 16.x, and 14.x releases lines. - llhttp v6.0.7 and llhttp v2.1.5 contains the fixes that we...

6.5CVSS6.9AI score0.34494EPSS
Exploits1References11Affected Software1
OSV
OSVadded 2022/07/15 12:0 a.m.28 views

GHSA-5689-V88G-G6RV llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding

The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS. Impacts: - All versions of the nodejs 18.x, 16.x, and 14.x releases lines. - llhttp v6.0.7 and llhttp v2.1.5 contains the fixes that we...

9.1CVSS7.4AI score0.34494EPSS
Exploits1References10
OSV
OSVadded 2022/07/14 3:15 p.m.2 views

ALPINE-CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS7AI score0.34494EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

ALPINE-CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS7AI score0.68796EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

DEBIAN-CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS6.6AI score0.68796EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

DEBIAN-CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS6.6AI score0.34494EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

AZL-41051 CVE-2022-32213 affecting package rust for versions less than 1.75.0-1

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS6.7AI score0.34494EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.3 views

AZL-10150 CVE-2022-32213 affecting package nodejs for versions less than 16.20.2-4

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS6.7AI score0.34494EPSS
Exploits1References1
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

AZL-41446 CVE-2022-32215 affecting package rust for versions less than 1.75.0-1

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS6.7AI score0.68796EPSS
Exploits1References1
NVD
NVDadded 2022/07/14 3:15 p.m.24 views

CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS0.68796EPSS
Exploits1References7
NVD
NVDadded 2022/07/14 3:15 p.m.28 views

CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS0.34494EPSS
Exploits1References7
UbuntuCve
UbuntuCveadded 2022/07/14 3:15 p.m.32 views

CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS6.8AI score0.68796EPSS
Exploits1References5
UbuntuCve
UbuntuCveadded 2022/07/14 3:15 p.m.47 views

CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS6.8AI score0.34494EPSS
Exploits1References5
OSV
OSVadded 2022/07/14 3:15 p.m.0 views

UBUNTU-CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS6.8AI score0.68796EPSS
Exploits1References6
OSV
OSVadded 2022/07/14 3:15 p.m.1 views

UBUNTU-CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS6.8AI score0.34494EPSS
Exploits1References6
Cvelist
Cvelistadded 2022/07/14 12:0 a.m.31 views

CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

7.4AI score0.34494EPSS
Exploits1References7
Debian CVE
Debian CVEadded 2022/07/14 12:0 a.m.25 views

CVE-2022-32215

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS...

6.5CVSS7AI score0.68796EPSS
Exploits1
AlpineLinux
AlpineLinuxadded 2022/07/14 12:0 a.m.87 views

CVE-2022-32213

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

6.5CVSS7.7AI score0.34494EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2022/07/12 12:0 a.m.9 views

PT-2022-6218 · Apache +10 · Apache Http Server +10

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.54 and prior versions Description: The issue is related to the inconsistent interpretation of HTTP requests, also known as 'HTTP Request Smuggling', in the mod proxy ajp module of the Apache HTTP Server. This...

10CVSS6.7AI score0.90407EPSS
Exploits8References133
RedhatCVE
RedhatCVEadded 2022/07/08 7:17 p.m.45 views

CVE-2022-32215

A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling HRS. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle...

6.5CVSS3.4AI score0.68796EPSS
Exploits1References4
Rows per page
Query Builder