| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-15605 | 7.5 |
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
|
07-03-2024 - 21:24 | 07-02-2020 - 15:15 | |
| CVE-2018-7159 | 5.0 |
The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Conte
|
13-02-2020 - 15:55 | 17-05-2018 - 14:29 |