VDB
DEBIAN-CVE-2019-15605
DEBIAN-CVE-2019-15605
PUBLISHED
CVSS 9.800000190734863 CRITICAL
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | http-parser | 0, 0, 0 |
| Debian:11 | nodejs | 0, 0, 0 |
| Debian:12 | nodejs | 0, 0, 0 |
| Debian:13 | nodejs | 0, 0, 0 |
| Debian:13 | http-parser | 0, 0, 0 |
| Debian:11 | http-parser | 0, 0, 0 |
| Debian:14 | http-parser | 0, 0, 0 |
| Debian:14 | nodejs | 0, 0, 0 |
Timeline
- Feb 7, 2020 CVE Published
- Apr 28, 2026 CVE Updated