
CVE-2024-27982

Published: 07/05/2024 Updated: 07/05/2024

Vulnerability Summary

The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling malicious users to smuggle in a second request within the body of the first.
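A defensive check for the condition described above, as an added example (not Node.js's own parser code or its patch): it scans the raw header block of a request, before any parser has normalized it, for field lines that begin with a space or tab and marks those that carry a framing header. The function names and the sample requests are constructed for illustration.

```javascript
'use strict';
// Added example: inspect the raw bytes of an HTTP/1.1 request head, for
// instance at a reverse proxy or in a capture, for header lines that start
// with whitespace. Names below are hypothetical, not a Node.js API.

const FRAMING_HEADERS = new Set(['content-length', 'transfer-encoding']);

// Returns one finding per header line that begins with SP or HTAB.
function findLeadingWhitespaceHeaders(rawRequest) {
  const text = Buffer.isBuffer(rawRequest)
    ? rawRequest.toString('latin1')
    : String(rawRequest);
  // Only the head is examined; the body may legitimately start with spaces.
  const end = text.indexOf('\r\n\r\n');
  const head = end === -1 ? text : text.slice(0, end);
  const headerLines = head.split('\r\n').slice(1); // skip the request line
  const findings = [];
  headerLines.forEach((line, i) => {
    if (!/^[ \t]/.test(line)) return;
    const name = line.trim().split(':', 1)[0].trim().toLowerCase();
    findings.push({
      line: i + 2, // 1-based, counting the request line as line 1
      name,
      framing: FRAMING_HEADERS.has(name), // affects message-length parsing
    });
  });
  return findings;
}

// Strict policy: refuse any request whose head contains such a line, so a
// front end and a back end can never disagree about where the body ends.
function shouldReject(rawRequest) {
  return findLeadingWhitespaceHeaders(rawRequest).length > 0;
}

// Constructed sample input (not taken from the advisory).
const SAMPLE_MALFORMED =
  'POST /upload HTTP/1.1\r\nHost: app.example\r\n Content-Length: 5\r\n\r\nhello';
const SAMPLE_CLEAN =
  'POST /upload HTTP/1.1\r\nHost: app.example\r\nContent-Length: 5\r\n\r\nhello';
const SAMPLE_SPACE_IN_BODY =
  'POST /upload HTTP/1.1\r\nHost: app.example\r\nContent-Length: 6\r\n\r\n hello';

for (const sample of [SAMPLE_MALFORMED, SAMPLE_CLEAN, SAMPLE_SPACE_IN_BODY]) {
  console.log(shouldReject(sample), findLeadingWhitespaceHeaders(sample));
}
```
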

Vendor Advisories

Debian Bug report logs - #1068347: nodejs: CVE-2024-27983 CVE-2024-27982. Package: src:nodejs; Maintainer for src:nodejs is Debian Javascript Maintainers <pkg-javascript-devel@alioth-lists.debian.net>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Wed, 3 Apr 2024 21:15:05 UTC; Severity: grave; Tags: security, u ...
The team has identified a vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. Impacts: This ...