Search for packages
| purl | pkg:deb/debian/http-parser@2.9.4-4%2Bdeb11u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2a49-wha4-zyba | HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed |
CVE-2019-15605
|
| VCID-89uf-r4wj-7feq | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. |
CVE-2020-8287
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T17:31:40.952451+00:00 | Debian Oval Importer | Fixing | VCID-89uf-r4wj-7feq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T15:05:15.288430+00:00 | Debian Oval Importer | Fixing | VCID-2a49-wha4-zyba | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |