You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have found that a vulnerabilitiy contained in your software have been updated,details:
CVE: CVE-2020-8287
Description: Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
Affected software: ['debian linux', 'sinec infrastructure network services', 'fedora', 'graalvm', 'node.js']
Threat score: 6.5
Patch recommand: https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
Poc recommand: https://hackerone.com/reports/1002188
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-8287
If you have any questions, you can contact:[email protected]
The text was updated successfully, but these errors were encountered:
We have found that a vulnerabilitiy contained in your software have been updated,details:
CVE: CVE-2020-8287
Description: Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
Affected software: ['debian linux', 'sinec infrastructure network services', 'fedora', 'graalvm', 'node.js']
Threat score: 6.5
Patch recommand: https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
Poc recommand: https://hackerone.com/reports/1002188
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-8287
If you have any questions, you can contact:[email protected]
The text was updated successfully, but these errors were encountered: