SecuritySpace - CVE-2018-12116

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2018-12116

Description: Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user- provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.

Test IDs: 1.3.6.1.4.1.25623.1.0.814522 1.3.6.1.4.1.25623.1.0.814521

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-12116
https://security.gentoo.org/glsa/202003-48
RedHat Security Advisories: RHSA-2019:1821
https://access.redhat.com/errata/RHSA-2019:1821

CVE ID:	CVE-2018-12116
Description:	Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user- provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
Test IDs:	1.3.6.1.4.1.25623.1.0.814522 1.3.6.1.4.1.25623.1.0.814521
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2018-12116 https://security.gentoo.org/glsa/202003-48 RedHat Security Advisories: RHSA-2019:1821 https://access.redhat.com/errata/RHSA-2019:1821