{"vulnerability": "CVE-2024-22019", "sightings": [{"uuid": "b1804fbf-d2d4-43d4-ba33-888567ed7686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "e715eba5-b35b-4f85-8f43-91f6050988b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/arpsyndicate/3700", "content": "#ExploitObserverAlert\n\nCVE-2024-22019\n\nDESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2024-22019. A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-21T06:53:10.000000Z"}, {"uuid": "a2fa524c-cf2b-4b51-b03e-ce66e2407079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://gist.github.com/Darkcrai86/548c952e45379d1ea22232f45faf68f3", "content": "", "creation_timestamp": "2025-11-13T18:16:17.000000Z"}, {"uuid": "55003cd7-a9a0-4705-bbf9-6d347c395099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-09", "content": "", "creation_timestamp": "2025-11-13T11:00:00.000000Z"}, {"uuid": "99508dab-4b04-4593-92d0-2ac3771d7fb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22019\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.\n\ud83d\udccf Published: 2024-02-20T01:31:08.092Z\n\ud83d\udccf Modified: 2025-04-30T22:25:12.463Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/2233486\n2. https://security.netapp.com/advisory/ntap-20240315-0004/\n3. http://www.openwall.com/lists/oss-security/2024/03/11/1", "creation_timestamp": "2025-04-30T23:14:52.000000Z"}, {"uuid": "578665c3-01cf-4023-af4d-4f74de1e5498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/arpsyndicate/4534", "content": "#ExploitObserverAlert\n\nCVE-2024-22019\n\nDESCRIPTION: Exploit Observer has 13 entries in 2 file formats related to CVE-2024-22019. A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.5817243", "creation_timestamp": "2024-04-12T06:02:54.000000Z"}, {"uuid": "85206c82-2c2d-4a08-aa0c-aedf17e7dfe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/ctinow/203200", "content": "https://ift.tt/FPsWSc2\nCVE-2024-22019 | Node.js HTTP Request denial of service", "creation_timestamp": "2024-03-08T10:22:16.000000Z"}, {"uuid": "196b6f84-dd8b-42f3-8648-2469eb41e2b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/ctinow/208639", "content": "https://ift.tt/eM9Q6Rf\nCVE-2024-22019 Node.js Vulnerability in NetApp Products", "creation_timestamp": "2024-03-15T11:26:47.000000Z"}, {"uuid": "8eaa3409-1e46-4776-b8a1-99bb92b1b683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/ctinow/188075", "content": "https://ift.tt/mZAVQrM\nCVE-2024-22019", "creation_timestamp": "2024-02-20T03:31:52.000000Z"}, {"uuid": "f2f4642a-8afe-4471-aba5-5b7a4c690b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/ctinow/188084", "content": "https://ift.tt/mZAVQrM\nCVE-2024-22019", "creation_timestamp": "2024-02-20T03:32:06.000000Z"}, {"uuid": "b0383b04-419a-4321-bb97-08db1abba22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22019", "type": "seen", "source": "https://t.me/ctinow/186578", "content": "https://ift.tt/t3ySqwK\nCVE-2024-22019", "creation_timestamp": "2024-02-16T19:02:04.000000Z"}]}