Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (2)
CVE-2019-15604,CVE-2019-15606/nodejs: reference commits (courtesy of RedHat)
· c47af081
Sylvain Beucler
authored
Feb 20, 2020
c47af081
CVE-2019-15605: also affects http-parser
· 5eee2415
Sylvain Beucler
authored
Feb 20, 2020
5eee2415
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
5eee2415
...
...
@@ -32314,12 +32314,16 @@ CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version:
CVE-2019-15606 (Including trailing white space in HTTP header values in Nodejs 10, 12, ...)
- nodejs <unfixed>
NOTE: https://hackerone.com/reports/730779
NOTE: https://github.com/nodejs/node/commit/25b6897e8a1072bd38b7d12d3ec6920bfe1c8de3
CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...)
- nodejs <unfixed>
- http-parser <unfixed>
NOTE: https://hackerone.com/reports/735748
NOTE: https://github.com/nodejs/http-parser/commit/7d5c99d09f6743b055d53fc3f642746d9801479b (http-parser)
CVE-2019-15604 (Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...)
- nodejs <unfixed>
NOTE: https://hackerone.com/reports/746733
NOTE: https://github.com/nodejs/node/commit/1156a9e5f849f32a3664587f9cf37cd876fe0dd1
CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
NOT-FOR-US: seefl
CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)
Sylvain Beucler authored
Sylvain Beucler authored