[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2018-12116 -- nodejs

ID: oval:org.secpod.oval:def:1900816Date: (C)2019-04-21   (M)2023-12-07
Class: VULNERABILITYFamily: unix




Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.

Platform:
Ubuntu 18.04
Product:
nodejs
Reference:
CVE-2018-12116
CVE    1
CVE-2018-12116
CPE    3
cpe:/o:ubuntu:ubuntu_linux:18.04
cpe:/o:ubuntu:ubuntu_linux:18.10
cpe:/a:nodejs:nodejs

© SecPod Technologies