Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
07 Mar 2024, 21:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* |
Information
Published : 2020-02-07 15:15
Updated : 2024-03-07 21:24
NVD link : CVE-2019-15606
Mitre link : CVE-2019-15606
CVE.ORG link : CVE-2019-15606
JSON object : View
Products Affected
debian
- debian_linux
nodejs
- node.js
opensuse
- leap
oracle
- communications_cloud_native_core_network_function_cloud_native_environment
- graalvm
redhat
- enterprise_linux
- enterprise_linux_eus
CWE