CVE-2019-15605

描述

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

受影響套件(3)

• Alpine/nodejsfrom 0, < 10.19.0-r0
• Debian/http-parserfrom 0, < 2.9.4-2
• Debian/nodejsfrom 0, < 10.19.0~dfsg-1

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2019-15605
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2019-15605