NA

CVE-2021-22960

Vulnerability Summary

A security issue has been found in Node.js prior to 16.11.1, 14.18.1 and 12.22.7. The parser ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

No description is available for this CVE ...
Arch Linux Security Advisory ASA-202110-4 ========================================= Severity: Medium Date : 2021-10-21 CVE-ID : CVE-2021-22959 CVE-2021-22960 Package : nodejs Type : url request injection Remote : Yes Link : securityarchlinuxorg/AVG-2460 Summary ======= The package nodejs before version 16111-1 is vulnerabl ...
A security issue has been found in Nodejs before versions 16111, 14181 and 12227 The parser ignores chunk extensions when parsing the body of chunked requests This leads to HTTP Request Smuggling (HRS) under certain conditions ...
Arch Linux Security Advisory ASA-202110-5 ========================================= Severity: High Date : 2021-10-21 CVE-ID : CVE-2021-22939 CVE-2021-22940 CVE-2021-22959 CVE-2021-22960 Package : nodejs-lts-fermium Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-2284 Summary ======= The package nodejs-lts ...
Arch Linux Security Advisory ASA-202110-6 ========================================= Severity: High Date : 2021-10-21 CVE-ID : CVE-2021-22939 CVE-2021-22940 CVE-2021-22959 CVE-2021-22960 Package : nodejs-lts-erbium Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-2285 Summary ======= The package nodejs-lts- ...