AVG-2460 log
| Package | nodejs |
| Status | Fixed |
| Severity | Medium |
| Type | url request injection |
| Affected | 16.11.0-1 |
| Fixed | 16.11.1-1 |
| Current | 21.7.3-1 [extra] |
| Ticket | None |
| Created | Tue Oct 12 16:36:13 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-22960 | Medium | Yes | Url request injection | A security issue has been found in Node.js before versions 16.11.1, 14.18.1 and 12.22.7. The parser ignores chunk extensions when parsing the body of... |
| CVE-2021-22959 | Medium | Yes | Url request injection | A security issue has been found in Node.js before versions 16.11.1, 14.18.1 and 12.22.7. The http parser accepts requests with a space (SP) right after the... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 21 Oct 2021 | ASA-202110-4 | nodejs | url request injection |