Search for packages
| purl | pkg:deb/debian/http-parser@2.1-2 |
| Next non-vulnerable version | 2.9.4-4+deb11u1 |
| Latest non-vulnerable version | 2.9.4-4+deb11u1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6uvj-k3c9-aaab
Aliases: CVE-2019-15605 |
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-d15h-ng65-aaab
Aliases: CVE-2020-8287 |
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T14:16:29.125862+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:04:16.040067+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T02:27:03.408506+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | None | 36.1.3 |
| 2025-06-20T21:47:04.120310+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 36.1.3 |
| 2025-06-08T12:59:21.279169+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:09:51.471128+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:12:28.449358+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T19:50:58.671733+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | None | 36.1.0 |
| 2025-06-07T15:10:07.510439+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 36.1.0 |
| 2025-04-12T20:37:10.523725+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:46:41.464003+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:42:24.139901+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:43:26.018148+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T18:28:48.735645+00:00 | Debian Oval Importer | Affected by | VCID-d15h-ng65-aaab | None | 36.0.0 |
| 2025-04-07T13:41:50.918107+00:00 | Debian Oval Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 36.0.0 |
| 2025-04-06T20:34:56.517764+00:00 | Debian Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 36.0.0 |
| 2025-02-19T07:17:44.528597+00:00 | Debian Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 35.1.0 |
| 2024-04-24T14:44:28.896489+00:00 | Debian Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 34.0.0rc4 |
| 2024-01-10T17:27:58.365792+00:00 | Debian Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 34.0.0rc2 |
| 2024-01-04T07:05:16.838322+00:00 | Debian Importer | Affected by | VCID-6uvj-k3c9-aaab | None | 34.0.0rc1 |