CVE-2024-27982 | Node.js up to 18.20.0/20.12.0/21.7.2 Header Content-Length request smuggling

Inserito da Angelo Barbosa | Mag 7, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Node.js up to 18.20.0/20.12.0/21.7.2. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument Content-Length leads to http request smuggling.

This vulnerability is handled as CVE-2024-27982. The attack may be launched remotely. There is no exploit available.

CVE-2024-27982 | Node.js up to 18.20.0/20.12.0/21.7.2 Header Content-Length request smuggling

Post correlati

CVE-2024-8378 | Safe SVG Plugin up to 2.2.5 on WordPress wp_handle_upload cross site scripting

CVE-2023-42463 | Wazuh up to 4.5.2 stack-based overflow

CVE-2024-26623 | Linux Kernel up to 6.6.15/6.7.3/6.8-rc2 pds_core queue_work null pointer dereference (22cd6046eb21/5939feb63ea1/7e82a8745b95)

CVE-2022-48464 | Unisoc S8000 Wifi Service out-of-bounds write