The llhttp parser <v14.20.1,... CVE-2022-32214

- AV AC AU C I A
发布: 2022-07-14
修订: 2024-11-21

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).

0%
暂无可用Exp或PoC
当前有8条受影响产品信息