Showing 1 - 4 of 4

CVE-2021-22960

Status Candidate

Overview

The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.

Related Files

Red Hat Security Advisory 2022-0350-04: Posted Feb 2, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0350-04 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | 07cf30cab5cf210d32816cb8dbca0ff2d5ee3995e8c201686697cb9fca2bdbfd; Download | Favorite | View

Red Hat Security Advisory 2022-0246-04: Posted Jan 25, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0246-04 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | ac685f0ee1416a81c17a3920f8990f34fd0bed2044d014166ed19445dfeee9de; Download | Favorite | View

Red Hat Security Advisory 2022-0041-02: Posted Jan 7, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0041-02 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918; SHA-256 | a99fe197fc57400e20bfe23ee30166ab68528ec9bf0aa7cc6ad183163f65fef4; Download | Favorite | View

Red Hat Security Advisory 2021-5171-03: Posted Dec 17, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-5171-03 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-3807, CVE-2021-3918; SHA-256 | abdd28c5a51b6b72a0dfce534aba7ca82525f6c65dcd4baefb4847c0ebb00512; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 184 files
Ubuntu 58 files
malvuln 56 files
Apple 8 files
Google Security Research 7 files
Ahmed Alroky 6 files
nu11secur1ty 6 files
Saud Alenazi 5 files
Jann Horn 5 files
Mariam Tariq 4 files

File Archives

Systems

AIX (426)
Apple (1,883)
BSD (368)
CentOS (55)
Cisco (1,912)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,152)
HPUX (878)
iOS (318)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,088)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,485)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,783)
UNIX (9,060)
UnixWare (185)
Windows (6,405)
Other

CVE-2021-22960

Overview

Related Files

File Archive:

May 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems