AVG-2460 log
Package | nodejs |
Status | Fixed |
Severity | Medium |
Type | url request injection |
Affected | 16.11.0-1 |
Fixed | 16.11.1-1 |
Current | 22.9.0-1 [extra] |
Ticket | None |
Created | Tue Oct 12 16:36:13 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-22960 | Medium | Yes | Url request injection | A security issue has been found in Node.js before versions 16.11.1, 14.18.1 and 12.22.7. The parser ignores chunk extensions when parsing the body of... |
CVE-2021-22959 | Medium | Yes | Url request injection | A security issue has been found in Node.js before versions 16.11.1, 14.18.1 and 12.22.7. The http parser accepts requests with a space (SP) right after the... |
Date | Advisory | Package | Type |
---|---|---|---|
21 Oct 2021 | ASA-202110-4 | nodejs | url request injection |