[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-8287":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":37,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":98,"related":99,"reserved_at":9,"published_at":116,"modified_at":117,"state":118,"summary":119,"references_raw":126,"kevs":173,"epss":174,"epss_history":177,"metrics":433,"affected":443},"CVE-2020-8287","Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-444","Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')","The product acts as an intermediary HTTP agent\n         (such as a proxy or firewall) in the data flow between two\n         entities such as a client and server, but it does not\n         interpret malformed HTTP requests or responses in ways that\n         are consistent with how the messages will be processed by\n         those entities that are at the ultimate destination.","weakness","Incomplete","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-273","HTTP Response Smuggling",[],{"id":24,"name":25,"techniques":26},"CAPEC-33","HTTP Request Smuggling",[],[28],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_4E5625E894A0DEC6","Exploit Reference (hackerone.com)","reference","https://hackerone.com/reports/1002188","unknown",0.2,false,[],[],[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96],{"_key":41},"ALPINE-CVE-2020-8287",{"_key":43},"SUSE-SU-2021:0060-1",{"_key":45},"SUSE-SU-2021:0061-1",{"_key":47},"SUSE-SU-2021:0062-1",{"_key":49},"SUSE-SU-2021:0068-1",{"_key":51},"SUSE-SU-2021:0082-1",{"_key":53},"SUSE-SU-2021:0107-1",{"_key":55},"SUSE-SU-2021:0121-1",{"_key":57},"SUSE-SU-2021:0224-1",{"_key":59},"OPENSUSE-SU-2021:0064-1",{"_key":61},"OPENSUSE-SU-2021:0065-1",{"_key":63},"OPENSUSE-SU-2021:0066-1",{"_key":65},"OPENSUSE-SU-2021:0082-1",{"_key":67},"OPENSUSE-SU-2021:0195-1",{"_key":69},"OPENSUSE-SU-2024:11096-1",{"_key":71},"DLA-3224-1",{"_key":73},"DSA-4826-1",{"_key":75},"RHSA-2021:0485",{"_key":77},"RHSA-2021:0549",{"_key":79},"MGASA-2021-0069",{"_key":81},"MGASA-2022-0393",{"_key":83},"USN-5563-1",{"_key":85},"DEBIAN-CVE-2020-8287",{"_key":87},"UBUNTU-CVE-2020-8287",{"_key":89},"USN-6380-1",{"_key":91},"RHSA-2021:0421",{"_key":93},"RHSA-2021:0521",{"_key":95},"RHSA-2021:0548",{"_key":97},"RHSA-2021:0551",[],[100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115],{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":79},{"_key":81},"2021-01-06T00:00:00.000Z","2025-04-30T22:24:29.487Z","Modified",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":120,"epss_score":121,"severity":120,"severity_score":122,"severity_version":123,"severity_source":124,"severity_vector":125,"severity_status":118},"medium",0.11865,6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",[127,134,140,144,148,152,156,160,164,168],{"url":32,"sources":128,"tags":130},[129,124],"cve.org",[131,132,133],"Exploit","Issue Tracking","Third Party Advisory",{"url":135,"sources":136,"tags":137},"https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/",[129,124],[138,139],"Patch","Vendor Advisory",{"url":141,"sources":142,"tags":143},"https://www.debian.org/security/2021/dsa-4826",[129,124],[139,133],{"url":145,"sources":146,"tags":147},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4I6MZNC7C7VIDQR267OL4TVCI3ZKAC4/",[129,124],[139],{"url":149,"sources":150,"tags":151},"https://security.gentoo.org/glsa/202101-07",[129,124],[139,133],{"url":153,"sources":154,"tags":155},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H472D5HPXN6RRXCNFML3BK5OYC52CXF2/",[129,124],[139],{"url":157,"sources":158,"tags":159},"https://www.oracle.com/security-alerts/cpujan2021.html",[129,124],[133],{"url":161,"sources":162,"tags":163},"https://security.netapp.com/advisory/ntap-20210212-0003/",[129,124],[133],{"url":165,"sources":166,"tags":167},"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",[129,124],[138,133],{"url":169,"sources":170,"tags":171},"https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html",[129,124],[172,133],"Mailing List",[],{"date":175,"score":121,"percentile":176},"2026-06-04",0.93861,[178,182,184,187,190,193,196,198,201,204,207,210,213,216,219,223,226,229,232,235,238,241,244,246,248,251,253,255,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,303,306,309,312,315,317,320,322,325,328,331,334,337,340,342,345,348,351,354,356,358,361,363,365,367,369,372,375,377,380,383,387,390,393,396,398,401,404,407,410,413,416,419,422,424,427,429],{"date":179,"score":180,"percentile":181},"2025-11-04",0.11163,0.93157,{"date":183,"score":180,"percentile":181},"2025-11-05",{"date":185,"score":180,"percentile":186},"2025-11-06",0.93159,{"date":188,"score":180,"percentile":189},"2025-11-07",0.93165,{"date":191,"score":180,"percentile":192},"2025-11-08",0.93163,{"date":194,"score":180,"percentile":195},"2025-11-09",0.93162,{"date":197,"score":180,"percentile":195},"2025-11-10",{"date":199,"score":180,"percentile":200},"2025-11-11",0.93166,{"date":202,"score":180,"percentile":203},"2025-11-12",0.93173,{"date":205,"score":180,"percentile":206},"2025-11-13",0.93176,{"date":208,"score":180,"percentile":209},"2025-11-14",0.93178,{"date":211,"score":121,"percentile":212},"2025-11-15",0.93436,{"date":214,"score":121,"percentile":215},"2025-11-16",0.9344,{"date":217,"score":121,"percentile":218},"2025-11-17",0.93438,{"date":220,"score":221,"percentile":222},"2025-11-18",0.22355,0.95434,{"date":224,"score":221,"percentile":225},"2025-11-19",0.95435,{"date":227,"score":221,"percentile":228},"2025-11-20",0.95438,{"date":230,"score":121,"percentile":231},"2025-11-21",0.93448,{"date":233,"score":121,"percentile":234},"2025-11-22",0.93447,{"date":236,"score":121,"percentile":237},"2025-11-23",0.93453,{"date":239,"score":121,"percentile":240},"2025-11-24",0.93455,{"date":242,"score":121,"percentile":243},"2025-11-25",0.93456,{"date":245,"score":121,"percentile":240},"2025-11-26",{"date":247,"score":121,"percentile":243},"2025-11-27",{"date":249,"score":121,"percentile":250},"2025-11-28",0.93449,{"date":252,"score":121,"percentile":243},"2025-11-29",{"date":254,"score":121,"percentile":240},"2025-11-30",{"date":256,"score":257,"percentile":258},"2025-12-01",0.1134,0.93309,{"date":260,"score":257,"percentile":261},"2025-12-02",0.93313,{"date":263,"score":257,"percentile":264},"2025-12-03",0.93315,{"date":266,"score":121,"percentile":267},"2025-12-04",0.93458,{"date":269,"score":121,"percentile":270},"2025-12-05",0.93462,{"date":272,"score":121,"percentile":273},"2025-12-06",0.9346,{"date":275,"score":121,"percentile":276},"2025-12-07",0.93461,{"date":278,"score":121,"percentile":279},"2025-12-08",0.93464,{"date":281,"score":121,"percentile":282},"2025-12-09",0.93465,{"date":284,"score":121,"percentile":285},"2025-12-10",0.93469,{"date":287,"score":121,"percentile":288},"2025-12-11",0.93473,{"date":290,"score":121,"percentile":291},"2025-12-12",0.93477,{"date":293,"score":121,"percentile":294},"2025-12-13",0.9348,{"date":296,"score":121,"percentile":297},"2025-12-14",0.93479,{"date":299,"score":121,"percentile":300},"2025-12-15",0.93482,{"date":302,"score":121,"percentile":297},"2025-12-16",{"date":304,"score":121,"percentile":305},"2025-12-17",0.93483,{"date":307,"score":121,"percentile":308},"2025-12-18",0.93486,{"date":310,"score":121,"percentile":311},"2025-12-19",0.93487,{"date":313,"score":121,"percentile":314},"2025-12-20",0.93484,{"date":316,"score":121,"percentile":311},"2025-12-21",{"date":318,"score":121,"percentile":319},"2025-12-22",0.93494,{"date":321,"score":121,"percentile":308},"2025-12-23",{"date":323,"score":121,"percentile":324},"2025-12-24",0.9349,{"date":326,"score":121,"percentile":327},"2025-12-25",0.93504,{"date":329,"score":121,"percentile":330},"2025-12-26",0.93501,{"date":332,"score":121,"percentile":333},"2025-12-27",0.93535,{"date":335,"score":121,"percentile":336},"2025-12-28",0.93499,{"date":338,"score":121,"percentile":339},"2025-12-29",0.93498,{"date":341,"score":121,"percentile":339},"2025-12-30",{"date":343,"score":121,"percentile":344},"2025-12-31",0.93503,{"date":346,"score":257,"percentile":347},"2026-01-01",0.93361,{"date":349,"score":257,"percentile":350},"2026-01-02",0.93356,{"date":352,"score":257,"percentile":353},"2026-01-03",0.93355,{"date":355,"score":121,"percentile":339},"2026-01-04",{"date":357,"score":121,"percentile":319},"2026-01-05",{"date":359,"score":121,"percentile":360},"2026-01-06",0.93496,{"date":362,"score":121,"percentile":360},"2026-01-07",{"date":364,"score":121,"percentile":336},"2026-01-08",{"date":366,"score":121,"percentile":344},"2026-01-09",{"date":368,"score":121,"percentile":327},"2026-01-10",{"date":370,"score":121,"percentile":371},"2026-01-11",0.93502,{"date":373,"score":121,"percentile":374},"2026-01-12",0.935,{"date":376,"score":121,"percentile":336},"2026-01-13",{"date":378,"score":121,"percentile":379},"2026-01-14",0.93508,{"date":381,"score":121,"percentile":382},"2026-01-15",0.93509,{"date":384,"score":385,"percentile":386},"2026-01-16",0.11054,0.93219,{"date":388,"score":385,"percentile":389},"2026-01-17",0.93222,{"date":391,"score":385,"percentile":392},"2026-01-18",0.93217,{"date":394,"score":385,"percentile":395},"2026-01-19",0.93218,{"date":397,"score":385,"percentile":386},"2026-01-20",{"date":399,"score":385,"percentile":400},"2026-01-21",0.93224,{"date":402,"score":385,"percentile":403},"2026-01-22",0.93227,{"date":405,"score":385,"percentile":406},"2026-01-23",0.93232,{"date":408,"score":385,"percentile":409},"2026-01-24",0.93237,{"date":411,"score":385,"percentile":412},"2026-01-25",0.93239,{"date":414,"score":385,"percentile":415},"2026-01-26",0.93241,{"date":417,"score":385,"percentile":418},"2026-01-27",0.93243,{"date":420,"score":385,"percentile":421},"2026-01-28",0.93247,{"date":423,"score":385,"percentile":421},"2026-01-29",{"date":425,"score":385,"percentile":426},"2026-01-30",0.93246,{"date":428,"score":385,"percentile":421},"2026-01-31",{"date":430,"score":431,"percentile":432},"2026-02-01",0.10559,0.93118,[434],{"source":124,"cvss_v2_0":435,"cvss_v3_0":9,"cvss_v3_1":440,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":9,"vectorString":437,"impactScore":438,"exploitabilityScore":439},6.4,"AV:N/AC:L/Au:N/C:P/I:P/A:N",4.9,10,{"baseScore":122,"baseSeverity":441,"vectorString":125,"impactScore":442,"exploitabilityScore":439},"MEDIUM",4.2,[444,453,461,516,531,539],{"ecosystem":9,"name":445,"vendor":446,"product":447,"cpe_part":448,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":449},"debian linux","debian","debian_linux","o",[450],{"version":451,"is_range":35,"range_type":452,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":454,"vendor":455,"product":454,"cpe_part":448,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":456},"fedora","fedoraproject",[457,459],{"version":458,"is_range":35,"range_type":452,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"version":460,"is_range":35,"range_type":452,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33",{"ecosystem":9,"name":462,"vendor":463,"product":462,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":465},"node","nodejs","a",[466,473,477,481,485,489,493,496,500,504,508,512],{"version":467,"is_range":468,"range_type":129,"version_start":469,"version_start_type":470,"version_end":471,"version_end_type":472,"fixed_in":9},">= 4.0, \u003C 4.*",true,"4.0","including","4.*","excluding",{"version":474,"is_range":468,"range_type":129,"version_start":475,"version_start_type":470,"version_end":476,"version_end_type":472,"fixed_in":9},">= 5.0, \u003C 5.*","5.0","5.*",{"version":478,"is_range":468,"range_type":129,"version_start":479,"version_start_type":470,"version_end":480,"version_end_type":472,"fixed_in":9},">= 6.0, \u003C 6.*","6.0","6.*",{"version":482,"is_range":468,"range_type":129,"version_start":483,"version_start_type":470,"version_end":484,"version_end_type":472,"fixed_in":9},">= 7.0, \u003C 7.*","7.0","7.*",{"version":486,"is_range":468,"range_type":129,"version_start":487,"version_start_type":470,"version_end":488,"version_end_type":472,"fixed_in":9},">= 8.0, \u003C 8.*","8.0","8.*",{"version":490,"is_range":468,"range_type":129,"version_start":491,"version_start_type":470,"version_end":492,"version_end_type":472,"fixed_in":9},">= 9.0, \u003C 9.*","9.0","9.*",{"version":494,"is_range":468,"range_type":129,"version_start":451,"version_start_type":470,"version_end":495,"version_end_type":472,"fixed_in":9},">= 10.0, \u003C 10.23.1","10.23.1",{"version":497,"is_range":468,"range_type":129,"version_start":498,"version_start_type":470,"version_end":499,"version_end_type":472,"fixed_in":9},">= 11.0, \u003C 11.*","11.0","11.*",{"version":501,"is_range":468,"range_type":129,"version_start":502,"version_start_type":470,"version_end":503,"version_end_type":472,"fixed_in":9},">= 12.0, \u003C 12.20.1","12.0","12.20.1",{"version":505,"is_range":468,"range_type":129,"version_start":506,"version_start_type":470,"version_end":507,"version_end_type":472,"fixed_in":9},">= 13.0, \u003C 13.*","13.0","13.*",{"version":509,"is_range":468,"range_type":129,"version_start":510,"version_start_type":470,"version_end":511,"version_end_type":472,"fixed_in":9},">= 14.0, \u003C 14.15.4","14.0","14.15.4",{"version":513,"is_range":468,"range_type":129,"version_start":514,"version_start_type":470,"version_end":515,"version_end_type":472,"fixed_in":9},">= 15.0, \u003C 15.5.1","15.0","15.5.1",{"ecosystem":9,"name":517,"vendor":463,"product":517,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"node.js",[519,522,525,528],{"version":520,"is_range":468,"range_type":452,"version_start":521,"version_start_type":470,"version_end":495,"version_end_type":472,"fixed_in":9},"gte10.0.0_lt10.23.1","10.0.0",{"version":523,"is_range":468,"range_type":452,"version_start":524,"version_start_type":470,"version_end":503,"version_end_type":472,"fixed_in":9},"gte12.0.0_lt12.20.1","12.0.0",{"version":526,"is_range":468,"range_type":452,"version_start":527,"version_start_type":470,"version_end":511,"version_end_type":472,"fixed_in":9},"gte14.0.0_lt14.15.4","14.0.0",{"version":529,"is_range":468,"range_type":452,"version_start":530,"version_start_type":470,"version_end":515,"version_end_type":472,"fixed_in":9},"gte15.0.0_lt15.5.1","15.0.0",{"ecosystem":9,"name":532,"vendor":533,"product":532,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":534},"graalvm","oracle",[535,537],{"version":536,"is_range":35,"range_type":452,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.3.4",{"version":538,"is_range":35,"range_type":452,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.3.0",{"ecosystem":9,"name":540,"vendor":541,"product":542,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"sinec infrastructure network services","siemens","sinec_infrastructure_network_services",[544],{"version":545,"is_range":468,"range_type":452,"version_start":9,"version_start_type":9,"version_end":546,"version_end_type":472,"fixed_in":9},"lt1.0.1.1","1.0.1.1"]