« List of all CVEs

CVE-2016-2086

Published: 4/7/2016 Last updated: 8/5/2024 Reserved: 1/27/2016

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-npm

Products affected (1)

Product Vendor Version
n/a n/a < 6.0.6003.21167

References (10)