Lucene search
Veracode Vulnerability DatabaseVERACODE:32486HistoryOct 13, 2021 - 5:26 p.m.
HTTP Request Smuggling (HRS)
2021-10-1317:26:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
0.003 Low
EPSS
Percentile
69.7%
nodejs is vulnerable to HTTP request smuggling. The vulnerability exists due to an error related to a space in headers which allows an attacker to poison the web cache, bypassing the web application.
Related
nvd
nvd
CVE-2021-22959
2021-11-15 15:15:06
ibm
ibm
cve
cve
CVE-2021-22959
2021-11-15 15:15:06
hackerone
hackerone
Node.js: HTTP Request Smuggling due to accepting space before colon
2021-06-20 11:10:00
prion
prion
Design/Logic Flaw
2021-11-15 15:15:00
redhatcve
redhatcve
CVE-2021-22959
2021-10-14 12:15:38
ubuntucve
ubuntucve
CVE-2021-22959
2021-11-15 00:00:00
cvelist
cvelist
CVE-2021-22959
2021-11-15 14:45:16
debiancve
debiancve
CVE-2021-22959
2021-11-15 15:15:06
osv
osv
CVE-2021-22959
2021-11-15 15:15:06
nodejs - security update
2022-06-27 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2021-12-15 19:09:29
alpinelinux
alpinelinux
CVE-2021-22959
2021-11-15 15:15:06
openvas
openvas
Fedora: Security Advisory for nodejs (FEDORA-2021-9818cabe0d)
2021-10-30 00:00:00
Mageia: Security Advisory (MGASA-2021-0592)
2022-01-28 00:00:00
Fedora: Security Advisory for nodejs (FEDORA-2021-cbad295a90)
2021-10-24 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: nodejs-14.18.1-1.fc33
2021-10-23 03:25:54
[SECURITY] Fedora 34 Update: nodejs-14.18.1-1.fc34
2021-10-23 03:22:47
[SECURITY] Fedora 35 Update: nodejs-16.11.1-1.fc35
2021-10-29 23:27:03
nessus
nessus
archlinux
archlinux
[ASA-202110-4] nodejs: url request injection
2021-10-21 00:00:00
[ASA-202110-5] nodejs-lts-fermium: multiple issues
2021-10-21 00:00:00
[ASA-202110-6] nodejs-lts-erbium: multiple issues
2021-10-21 00:00:00
freebsd
freebsd
Node.js -- October 2021 Security Releases
2021-10-12 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerability
2021-12-30 19:41:51
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 14.18.2-alt1
2021-12-23 00:00:00
nodejsblog
nodejsblog
October 12th 2021 Security Releases
2021-10-12 00:00:00
redhat
redhat
debian
debian
[SECURITY] [DSA 5170-1] nodejs security update
2022-06-27 18:43:09
rocky
rocky
nodejs:16 security, bug fix, and enhancement update
2021-12-15 19:09:29
12 bug fix and enhancement update
2022-06-21 11:47:44
nodejs:14 security, bug fix, and enhancement update
2022-02-01 20:08:39
suse
suse
Security update for nodejs14 (important)
2021-12-10 00:00:00
Security update for nodejs12 (important)
2021-12-06 00:00:00
Security update for nodejs14 (important)
2021-12-07 00:00:00
oraclelinux
oraclelinux
nodejs:16 security, bug fix, and enhancement update
2021-12-16 00:00:00
nodejs:14 security, bug fix, and enhancement update
2022-02-02 00:00:00
almalinux
almalinux
Moderate: nodejs:16 security, bug fix, and enhancement update
2021-12-15 19:09:29
Moderate: nodejs:14 security, bug fix, and enhancement update
2022-02-01 20:08:39
gentoo
gentoo
Node.js: Multiple Vulnerabilities
2024-05-08 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00