← Back to CVE List

CVE-2022-32215

Published: 2022-07-14T15:15Z
Last Modified: 2024-11-21T07:05Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt