WEB Node.js llhttp Module Multi-line Transfer-Encoding Handling HTTP Request Smuggling (CVE-2022-32215)

Rule ID

1232021

Severity

Medium

Description

An HTTP request smuggling vulnerability has been reported in Node.js. The vulnerability is due to improper input validation of Transfer-Encoding headers in incoming HTTP requests.

Impact

Others

Recommendation

Update vendor's patch.

IPS Category

Buffer Overflow

IPS Anomaly Group

N/A

IPS Rule Default Action

Allow

Reference

CVE-2022-32215

T1190

T0819

Keyword

N/A

Created At

2022/12/27

Updated At

2022/12/30

This website uses cookies to ensure you get the best experience on our website.

Learn more