Threat Encyclopedia

Security Vulnerability CVE-2022-32215 for Nodejs

description-logoDescription

The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

affected-products-logoAffected Applications

Nodejs

CVE References

CVE-2022-32215

Telemetry logoTelemetry