Showing 1 - 7 of 7

CVE-2021-22960

Status Candidate

Overview

The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.

Related Files

Gentoo Linux Security Advisory 202405-29: Posted May 9, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202405-29 - Multiple vulnerabilities have been discovered in Node.js. Versions greater than or equal to 16.20.2 are affected.; tags | advisory, vulnerability; systems | linux, gentoo; advisories | CVE-2020-7774, CVE-2021-22883, CVE-2021-22884, CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-37701, CVE-2021-37712, CVE-2021-39134; SHA-256 | 896f93d8be3fd63618f8c7828d363945d93c89399750559db27ad47c3598d38a; Download | Favorite | View

Debian Security Advisory 5170-1: Posted Jun 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5170-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2022-21824; SHA-256 | 02c22c0c690787980900a20bd2fbcd3897504bf8d273ec8ab1b192278ce7ab7b; Download | Favorite | View

Red Hat Security Advisory 2022-4914-01: Posted Jun 7, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4914-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.; tags | advisory, web, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-3918, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-21824; SHA-256 | b43f0c89fd3414efa475d6ec07c2e68d3f66f12f846e7070d1966227905eca9d; Download | Favorite | View

Red Hat Security Advisory 2022-0350-04: Posted Feb 2, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0350-04 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | 07cf30cab5cf210d32816cb8dbca0ff2d5ee3995e8c201686697cb9fca2bdbfd; Download | Favorite | View

Red Hat Security Advisory 2022-0246-04: Posted Jan 25, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0246-04 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | ac685f0ee1416a81c17a3920f8990f34fd0bed2044d014166ed19445dfeee9de; Download | Favorite | View

Red Hat Security Advisory 2022-0041-02: Posted Jan 7, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0041-02 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | a99fe197fc57400e20bfe23ee30166ab68528ec9bf0aa7cc6ad183163f65fef4; Download | Favorite | View

Red Hat Security Advisory 2021-5171-03: Posted Dec 17, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-5171-03 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-3807, CVE-2021-3918; SHA-256 | abdd28c5a51b6b72a0dfce534aba7ca82525f6c65dcd4baefb4847c0ebb00512; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 63 files
Debian 34 files
Gentoo 32 files
LiquidWorm 10 files
malvuln 7 files
nu11secur1ty 7 files
Ahmet Umit Bayram 4 files
Adam Gowdiak 4 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,038)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,583)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,746)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,492)
UNIX (9,397)
UnixWare (187)
Windows (6,657)
Other

CVE-2021-22960

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems