Lucene search
K

5 matches found

OSV
OSV
added 2024/03/06 11:3 a.m.37 views

BIT-NODE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...

6.5CVSS8.1AI score0.02587EPSS
Exploits1References4
Hacker One
Hacker One
added 2023/02/28 4:55 a.m.94 views

Internet Bug Bounty: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields

A vulnerability was discovered in the HTTP request parsing of Node.js version 18.7.0 that allowed header fields to be incorrectly handled without carriage return line feed termination, enabling potential HTTP request smuggling...

6.5CVSS7.9AI score0.02587EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/12/05 10:15 p.m.36 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...

6.5CVSS7AI score0.02587EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/12/05 12:0 a.m.61 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...

6.5CVSS7.6AI score0.02587EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/12/05 12:0 a.m.46 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...

6.5CVSS8.3AI score0.02587EPSS
Exploits1
Rows per page
Query Builder