NA

CVE-2021-22959

Vulnerability Summary

A security issue has been found in Node.js prior to 16.11.1, 14.18.1 and 12.22.7. The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

Arch Linux Security Advisory ASA-202110-4 ========================================= Severity: Medium Date : 2021-10-21 CVE-ID : CVE-2021-22959 CVE-2021-22960 Package : nodejs Type : url request injection Remote : Yes Link : securityarchlinuxorg/AVG-2460 Summary ======= The package nodejs before version 16111-1 is vulnerabl ...
A security issue has been found in Nodejs before versions 16111, 14181 and 12227 The http parser accepts requests with a space (SP) right after the header name before the colon This can lead to HTTP Request Smuggling (HRS) ...
Arch Linux Security Advisory ASA-202110-5 ========================================= Severity: High Date : 2021-10-21 CVE-ID : CVE-2021-22939 CVE-2021-22940 CVE-2021-22959 CVE-2021-22960 Package : nodejs-lts-fermium Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-2284 Summary ======= The package nodejs-lts ...
Arch Linux Security Advisory ASA-202110-6 ========================================= Severity: High Date : 2021-10-21 CVE-ID : CVE-2021-22939 CVE-2021-22940 CVE-2021-22959 CVE-2021-22960 Package : nodejs-lts-erbium Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-2285 Summary ======= The package nodejs-lts- ...