pkg:npm/llhttp
Type
npm
Name
llhttp
Known advisories, vulnerabilities and fixes for llhttp package.
- Repository
- https://www.npmjs.com/package/llhttp
Critical
2
High
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 6.0.7 |
CVE-2022-32213
|
NPM:GHSA-5689-V88G-G6RV | llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding | critical |
2022-07-15T00:00:18
(2 years ago) |
|
Fixed | = 6.0.7 |
CVE-2022-32213
|
NPM:GHSA-5689-V88G-G6RV | llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding | critical |
2022-07-15T00:00:18
(2 years ago) |
|
Affected | < 8.1.1 |
CVE-2023-30589
|
NPM:GHSA-CGGH-PQ45-6H9X | llhttp vulnerable to HTTP request smuggling | high |
2023-07-01T00:30:46
(14 months ago) |
|
Fixed | = 8.1.1 |
CVE-2023-30589
|
NPM:GHSA-CGGH-PQ45-6H9X | llhttp vulnerable to HTTP request smuggling | high |
2023-07-01T00:30:46
(14 months ago) |
|
Affected | < 6.0.7 |
CVE-2022-32214
|
NPM:GHSA-Q5VX-44V4-GCH4 | llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields | critical |
2022-07-15T00:00:18
(2 years ago) |
|
Fixed | = 6.0.7 |
CVE-2022-32214
|
NPM:GHSA-Q5VX-44V4-GCH4 | llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields | critical |
2022-07-15T00:00:18
(2 years ago) |