CVE-2024-27982
CVSS v3.0
6.5 (Medium)
EPSS
0.04 % (10th)
Advisories
30
NVD Status
Awaiting Analysis
The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first.
- CVE Status
- PUBLISHED
- NVD Status
- Awaiting Analysis
- CNA
- HackerOne
- Published Date
-
2024-05-07 17:15:07
(4 months ago) - Updated Date
-
2024-05-07 20:07:58
(4 months ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...