ALT-PU-2022-2226-1
Closed vulnerabilities
Published: 2022-07-07
BDU:2022-04390
Уязвимость программной платформы Node.js, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю выполнять атаку "контрабанда HTTP-запросов"
Severity: HIGH (7.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2022-07-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-32214
The llhttp parser
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
References:
Published: 2022-07-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-32215
The llhttp parser
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
- https://hackerone.com/reports/1501679
- https://hackerone.com/reports/1501679
- FEDORA-2022-de515f765f
- FEDORA-2022-de515f765f
- FEDORA-2022-1667f7b60a
- FEDORA-2022-1667f7b60a
- FEDORA-2022-52dec6351a
- FEDORA-2022-52dec6351a
- https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
- https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
- DSA-5326
- DSA-5326