Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:nodejs:nodejs:0.7.7:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-2330 |
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string. Published: August 13, 2012; 7:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |