VDB
DEBIAN-CVE-2019-15606
DEBIAN-CVE-2019-15606
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | nodejs | 0, 0, 0 |
| Debian:13 | nodejs | 0, 0, 0 |
| Debian:14 | nodejs | 0, 0, 0 |
| Debian:11 | nodejs | 0, 0, 0 |
Timeline
- Feb 7, 2020 CVE Published
- Apr 28, 2026 CVE Updated