CVE-2022-35256 — Vulnetix

CVE-2022-35256 PUBLISHED

EPSS 3.69% · 88.2th percentile

Risk Scores

EPSS Score

3.69%

88.2th percentile

Affected Products

Vendor	Product	Versions
Amazon	nodejs

Exploit Intelligence

HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (hackerone)
https://hackerone.com/reports/1675191 (bitnami)

Timeline

CVE Published
Oct 26, 2022 PoC Published
Dec 6, 2022 EPSS Score
Feb 28, 2023 EPSS Score
Apr 9, 2023 PoC Published
Apr 11, 2023 EPSS Score
Jul 5, 2023 EPSS Score
Aug 16, 2023 EPSS Score
Nov 8, 2023 EPSS Score
Jan 31, 2024 EPSS Score
Mar 13, 2024 EPSS Score
Jun 5, 2024 EPSS Score

References

ALAS2023-2023-084: nodejs (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›