Vulnerability CVE-2024-27982


Published: 2024-05-07

Description:
The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first.

 References:
https://hackerone.com/reports/2237099

Copyright 2026, cxsecurity.com

 

Back to Top