FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a9c5e89d-2d15-11ec-8363-0022489ad614	Node.js -- October 2021 Security Releases Node.js reports: HTTP Request Smuggling due to spaced in headers (Medium)(CVE-2021-22959) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). HTTP Request Smuggling when parsing the body (Medium)(CVE-2021-22960) The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. Discovery 2021-10-12 Entry 2021-10-14 node lt 16.11.1 node14 lt 14.18.1 CVE-2021-22959 CVE-2021-22960 https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

VuXML ID

Description

a9c5e89d-2d15-11ec-8363-0022489ad614

Node.js -- October 2021 Security Releases

Node.js reports:

HTTP Request Smuggling due to spaced in headers (Medium)(CVE-2021-22959)

The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).

HTTP Request Smuggling when parsing the body (Medium)(CVE-2021-22960)

The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.

Discovery 2021-10-12
Entry 2021-10-14
node

lt 16.11.1

node14

lt 14.18.1

CVE-2021-22959
CVE-2021-22960
https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/