Lucene search

PRIOn knowledge basePRION:CVE-2019-15605

HistoryFeb 07, 2020 - 3:15 p.m.

Design/Logic Flaw

2020-02-0715:15:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.3%

JSON

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

CPENameOperatorVersion
debian_linuxeq10.0
fedoraeq30
node.jsge12.0.0
node.jslt12.15.0
node.jsge10.0.0
node.jslt10.19.0
node.jsge13.0.0
node.jslt13.8.0
leapeq15.1
graalvmeq20.0.0

Name	Operator	Version
debian_linux	eq	10.0
fedora	eq	30
node.js	ge	12.0.0
node.js	lt	12.15.0
node.js	ge	10.0.0
node.js	lt	10.19.0
node.js	ge	13.0.0
node.js	lt	13.8.0
leap	eq	15.1
graalvm	eq	20.0.0

Rows per page:

1-10 of 291

References

lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html

access.redhat.com/errata/RHSA-2020:0573

access.redhat.com/errata/RHSA-2020:0579

access.redhat.com/errata/RHSA-2020:0597

access.redhat.com/errata/RHSA-2020:0598

access.redhat.com/errata/RHSA-2020:0602

access.redhat.com/errata/RHSA-2020:0703

access.redhat.com/errata/RHSA-2020:0707

access.redhat.com/errata/RHSA-2020:0708

hackerone.com/reports/735748

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CT3WTR4P5VAJ3GJGKPYEDUPTNZ3IEDUR/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLB676PDU4RJQLWQUA277YNGYYNEYGWO/

nodejs.org/en/blog/release/v10.19.0/

nodejs.org/en/blog/release/v12.15.0/

nodejs.org/en/blog/release/v13.8.0/

nodejs.org/en/blog/vulnerability/february-2020-security-releases/

security.gentoo.org/glsa/202003-48

security.netapp.com/advisory/ntap-20200221-0004/

www.debian.org/security/2020/dsa-4669

www.oracle.com//security-alerts/cpujul2021.html

www.oracle.com/security-alerts/cpuapr2020.html