[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-32214":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":37,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":85,"related":86,"reserved_at":9,"published_at":102,"modified_at":103,"state":104,"summary":105,"references_raw":113,"kevs":154,"epss":155,"epss_history":158,"metrics":399,"affected":410},"CVE-2022-32214","The llhttp parser \u003Cv14.20.1, \u003Cv16.17.1 and \u003Cv18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-444","Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')","The product acts as an intermediary HTTP agent\n         (such as a proxy or firewall) in the data flow between two\n         entities such as a client and server, but it does not\n         interpret malformed HTTP requests or responses in ways that\n         are consistent with how the messages will be processed by\n         those entities that are at the ultimate destination.","weakness","Incomplete","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-273","HTTP Response Smuggling",[],{"id":24,"name":25,"techniques":26},"CAPEC-33","HTTP Request Smuggling",[],[28],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_B26F3F4BCDEEEBE4","Exploit Reference (hackerone.com)","reference","https://hackerone.com/reports/1524692","unknown",0.2,false,[],[38,39,40],"GHSA-q5vx-44v4-gch4","BIT-node-2022-32214","BIT-node-min-2022-32214",[],[43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83],{"_key":44},"ALPINE-CVE-2022-32214",{"_key":46},"SUSE-SU-2022:2417-1",{"_key":48},"SUSE-SU-2022:2415-1",{"_key":50},"SUSE-SU-2022:2416-1",{"_key":52},"SUSE-SU-2023:0408-1",{"_key":54},"SUSE-SU-2022:2425-1",{"_key":56},"SUSE-SU-2022:2430-1",{"_key":58},"SUSE-SU-2022:2491-1",{"_key":60},"SUSE-SU-2022:2551-1",{"_key":62},"SUSE-SU-2022:2855-1",{"_key":64},"SUSE-SU-2023:0419-1",{"_key":66},"DSA-5326-1",{"_key":68},"RHSA-2022:6389",{"_key":70},"RHSA-2022:6448",{"_key":72},"RHSA-2022:6985",{"_key":74},"MGASA-2022-0294",{"_key":76},"USN-6491-1",{"_key":78},"UBUNTU-CVE-2022-32214",{"_key":80},"DEBIAN-CVE-2022-32214",{"_key":82},"RHSA-2022:6449",{"_key":84},"RHSA-2022:6595",[],[87,88,89,90,91,92,93,94,95,96,97,98,100],{"_key":46},{"_key":74},{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":99},"CGA-V839-9X2C-5WMP",{"_key":101},"CGA-R3M6-HRJP-7J33","2022-07-14T00:00:00.000Z","2025-04-30T22:24:43.342Z","Modified",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":106,"epss_score":107,"severity":108,"severity_score":109,"severity_version":110,"severity_source":111,"severity_vector":112,"severity_status":104},"high",0.39294,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",[114,121,129,133,138,142,146,150],{"url":115,"sources":116,"tags":118},"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",[117,111],"cve.org",[119,120],"Patch","Vendor Advisory",{"url":32,"sources":122,"tags":124},[117,111,123],"osv_npm",[125,126,127,128],"Exploit","Issue Tracking","Third Party Advisory","WEB",{"url":130,"sources":131,"tags":132},"https://www.debian.org/security/2023/dsa-5326",[117,111,123],[120,127,128],{"url":134,"sources":135,"tags":136},"https://nvd.nist.gov/vuln/detail/CVE-2022-32214",[123],[137],"Advisory",{"url":139,"sources":140,"tags":141},"https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb",[123],[128],{"url":143,"sources":144,"tags":145},"https://datatracker.ietf.org/doc/html/rfc7230#section-3",[123],[128],{"url":147,"sources":148,"tags":149},"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases",[123],[128],{"url":151,"sources":152,"tags":153},"https://security.netapp.com/advisory/ntap-20220915-0001",[123],[128],[],{"date":156,"score":107,"percentile":157},"2026-06-04",0.97368,[159,163,166,169,171,173,175,177,179,181,184,186,189,191,193,197,200,203,206,209,211,213,216,218,220,222,224,226,230,234,237,241,243,245,248,251,254,257,260,263,266,268,271,274,277,279,282,285,289,291,293,296,299,301,304,307,309,312,315,319,322,325,327,330,333,335,338,341,344,346,349,352,355,358,361,363,365,367,369,372,375,378,381,383,385,387,390,392,394,396],{"date":160,"score":161,"percentile":162},"2025-11-04",0.61997,0.98255,{"date":164,"score":161,"percentile":165},"2025-11-05",0.98254,{"date":167,"score":161,"percentile":168},"2025-11-06",0.98256,{"date":170,"score":161,"percentile":162},"2025-11-07",{"date":172,"score":161,"percentile":165},"2025-11-08",{"date":174,"score":161,"percentile":165},"2025-11-09",{"date":176,"score":161,"percentile":165},"2025-11-10",{"date":178,"score":161,"percentile":165},"2025-11-11",{"date":180,"score":161,"percentile":162},"2025-11-12",{"date":182,"score":161,"percentile":183},"2025-11-13",0.98257,{"date":185,"score":161,"percentile":168},"2025-11-14",{"date":187,"score":161,"percentile":188},"2025-11-15",0.98252,{"date":190,"score":161,"percentile":188},"2025-11-16",{"date":192,"score":161,"percentile":188},"2025-11-17",{"date":194,"score":195,"percentile":196},"2025-11-18",0.00705,0.69859,{"date":198,"score":195,"percentile":199},"2025-11-19",0.69868,{"date":201,"score":195,"percentile":202},"2025-11-20",0.69875,{"date":204,"score":161,"percentile":205},"2025-11-21",0.98248,{"date":207,"score":161,"percentile":208},"2025-11-22",0.98247,{"date":210,"score":161,"percentile":208},"2025-11-23",{"date":212,"score":161,"percentile":208},"2025-11-24",{"date":214,"score":161,"percentile":215},"2025-11-25",0.98249,{"date":217,"score":161,"percentile":215},"2025-11-26",{"date":219,"score":161,"percentile":215},"2025-11-27",{"date":221,"score":161,"percentile":215},"2025-11-28",{"date":223,"score":161,"percentile":215},"2025-11-29",{"date":225,"score":161,"percentile":205},"2025-11-30",{"date":227,"score":228,"percentile":229},"2025-12-01",0.28493,0.9636,{"date":231,"score":232,"percentile":233},"2025-12-02",0.2124,0.95485,{"date":235,"score":232,"percentile":236},"2025-12-03",0.95487,{"date":238,"score":239,"percentile":240},"2025-12-04",0.49734,0.9767,{"date":242,"score":239,"percentile":240},"2025-12-05",{"date":244,"score":239,"percentile":240},"2025-12-06",{"date":246,"score":239,"percentile":247},"2025-12-07",0.97673,{"date":249,"score":239,"percentile":250},"2025-12-08",0.97675,{"date":252,"score":239,"percentile":253},"2025-12-09",0.97674,{"date":255,"score":239,"percentile":256},"2025-12-10",0.97679,{"date":258,"score":239,"percentile":259},"2025-12-11",0.97681,{"date":261,"score":239,"percentile":262},"2025-12-12",0.97685,{"date":264,"score":239,"percentile":265},"2025-12-13",0.97686,{"date":267,"score":239,"percentile":262},"2025-12-14",{"date":269,"score":239,"percentile":270},"2025-12-15",0.97688,{"date":272,"score":239,"percentile":273},"2025-12-16",0.97689,{"date":275,"score":239,"percentile":276},"2025-12-17",0.97692,{"date":278,"score":239,"percentile":276},"2025-12-18",{"date":280,"score":239,"percentile":281},"2025-12-19",0.97694,{"date":283,"score":239,"percentile":284},"2025-12-20",0.97693,{"date":286,"score":287,"percentile":288},"2025-12-21",0.45841,0.97491,{"date":290,"score":287,"percentile":288},"2025-12-22",{"date":292,"score":287,"percentile":288},"2025-12-23",{"date":294,"score":287,"percentile":295},"2025-12-24",0.97493,{"date":297,"score":287,"percentile":298},"2025-12-25",0.97495,{"date":300,"score":287,"percentile":298},"2025-12-26",{"date":302,"score":287,"percentile":303},"2025-12-27",0.9752,{"date":305,"score":287,"percentile":306},"2025-12-28",0.97496,{"date":308,"score":287,"percentile":306},"2025-12-29",{"date":310,"score":287,"percentile":311},"2025-12-30",0.97497,{"date":313,"score":287,"percentile":314},"2025-12-31",0.97501,{"date":316,"score":317,"percentile":318},"2026-01-01",0.18507,0.95079,{"date":320,"score":317,"percentile":321},"2026-01-02",0.95074,{"date":323,"score":317,"percentile":324},"2026-01-03",0.9507,{"date":326,"score":287,"percentile":314},"2026-01-04",{"date":328,"score":287,"percentile":329},"2026-01-05",0.975,{"date":331,"score":287,"percentile":332},"2026-01-06",0.97502,{"date":334,"score":287,"percentile":332},"2026-01-07",{"date":336,"score":287,"percentile":337},"2026-01-08",0.97504,{"date":339,"score":287,"percentile":340},"2026-01-09",0.97508,{"date":342,"score":287,"percentile":343},"2026-01-10",0.97509,{"date":345,"score":287,"percentile":343},"2026-01-11",{"date":347,"score":287,"percentile":348},"2026-01-12",0.9751,{"date":350,"score":287,"percentile":351},"2026-01-13",0.97511,{"date":353,"score":287,"percentile":354},"2026-01-14",0.97515,{"date":356,"score":287,"percentile":357},"2026-01-15",0.97516,{"date":359,"score":287,"percentile":360},"2026-01-16",0.97519,{"date":362,"score":287,"percentile":303},"2026-01-17",{"date":364,"score":287,"percentile":354},"2026-01-18",{"date":366,"score":287,"percentile":354},"2026-01-19",{"date":368,"score":287,"percentile":357},"2026-01-20",{"date":370,"score":287,"percentile":371},"2026-01-21",0.97517,{"date":373,"score":287,"percentile":374},"2026-01-22",0.97518,{"date":376,"score":287,"percentile":377},"2026-01-23",0.97521,{"date":379,"score":287,"percentile":380},"2026-01-24",0.97522,{"date":382,"score":287,"percentile":303},"2026-01-25",{"date":384,"score":287,"percentile":377},"2026-01-26",{"date":386,"score":287,"percentile":380},"2026-01-27",{"date":388,"score":287,"percentile":389},"2026-01-28",0.97523,{"date":391,"score":287,"percentile":389},"2026-01-29",{"date":393,"score":287,"percentile":380},"2026-01-30",{"date":395,"score":287,"percentile":380},"2026-01-31",{"date":397,"score":317,"percentile":398},"2026-02-01",0.95097,[400,405],{"source":111,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":401,"cvss_v4_0":9},{"baseScore":109,"baseSeverity":402,"vectorString":112,"impactScore":403,"exploitabilityScore":404},"MEDIUM",4.2,10,{"source":123,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":406,"cvss_v4_0":9},{"baseScore":407,"baseSeverity":9,"vectorString":408,"impactScore":409,"exploitabilityScore":404},9.1,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",8.7,[411,420,434,497,518,525],{"ecosystem":9,"name":412,"vendor":413,"product":414,"cpe_part":415,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":416},"debian linux","debian","debian_linux","o",[417],{"version":418,"is_range":35,"range_type":419,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":421,"vendor":421,"product":421,"cpe_part":422,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":423},"llhttp","a",[424,429],{"version":425,"is_range":426,"range_type":419,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":428,"fixed_in":9},"lt2.1.5",true,"2.1.5","excluding",{"version":430,"is_range":426,"range_type":419,"version_start":431,"version_start_type":432,"version_end":433,"version_end_type":428,"fixed_in":9},"gte6.0.0_lt6.0.7","6.0.0","including","6.0.7",{"ecosystem":9,"name":435,"vendor":436,"product":435,"cpe_part":422,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":437},"node","nodejs",[438,442,446,450,454,458,462,466,469,473,477,481,485,489,493],{"version":439,"is_range":426,"range_type":117,"version_start":440,"version_start_type":432,"version_end":441,"version_end_type":428,"fixed_in":9},">= 4.0, \u003C 4.*","4.0","4.*",{"version":443,"is_range":426,"range_type":117,"version_start":444,"version_start_type":432,"version_end":445,"version_end_type":428,"fixed_in":9},">= 5.0, \u003C 5.*","5.0","5.*",{"version":447,"is_range":426,"range_type":117,"version_start":448,"version_start_type":432,"version_end":449,"version_end_type":428,"fixed_in":9},">= 6.0, \u003C 6.*","6.0","6.*",{"version":451,"is_range":426,"range_type":117,"version_start":452,"version_start_type":432,"version_end":453,"version_end_type":428,"fixed_in":9},">= 7.0, \u003C 7.*","7.0","7.*",{"version":455,"is_range":426,"range_type":117,"version_start":456,"version_start_type":432,"version_end":457,"version_end_type":428,"fixed_in":9},">= 8.0, \u003C 8.*","8.0","8.*",{"version":459,"is_range":426,"range_type":117,"version_start":460,"version_start_type":432,"version_end":461,"version_end_type":428,"fixed_in":9},">= 9.0, \u003C 9.*","9.0","9.*",{"version":463,"is_range":426,"range_type":117,"version_start":464,"version_start_type":432,"version_end":465,"version_end_type":428,"fixed_in":9},">= 10.0, \u003C 10.*","10.0","10.*",{"version":467,"is_range":426,"range_type":117,"version_start":418,"version_start_type":432,"version_end":468,"version_end_type":428,"fixed_in":9},">= 11.0, \u003C 11.*","11.*",{"version":470,"is_range":426,"range_type":117,"version_start":471,"version_start_type":432,"version_end":472,"version_end_type":428,"fixed_in":9},">= 12.0, \u003C 12.*","12.0","12.*",{"version":474,"is_range":426,"range_type":117,"version_start":475,"version_start_type":432,"version_end":476,"version_end_type":428,"fixed_in":9},">= 13.0, \u003C 13.*","13.0","13.*",{"version":478,"is_range":426,"range_type":117,"version_start":479,"version_start_type":432,"version_end":480,"version_end_type":428,"fixed_in":9},">= 14.0, \u003C 14.20.0","14.0","14.20.0",{"version":482,"is_range":426,"range_type":117,"version_start":483,"version_start_type":432,"version_end":484,"version_end_type":428,"fixed_in":9},">= 15.0, \u003C 15.*","15.0","15.*",{"version":486,"is_range":426,"range_type":117,"version_start":487,"version_start_type":432,"version_end":488,"version_end_type":428,"fixed_in":9},">= 16.0, \u003C 16.20.0","16.0","16.20.0",{"version":490,"is_range":426,"range_type":117,"version_start":491,"version_start_type":432,"version_end":492,"version_end_type":428,"fixed_in":9},">= 17.0, \u003C 17.*","17.0","17.*",{"version":494,"is_range":426,"range_type":117,"version_start":495,"version_start_type":432,"version_end":496,"version_end_type":428,"fixed_in":9},">= 18.0, \u003C 18.5.0","18.0","18.5.0",{"ecosystem":9,"name":498,"vendor":436,"product":498,"cpe_part":422,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":499},"node.js",[500,504,507,511,515],{"version":501,"is_range":426,"range_type":419,"version_start":502,"version_start_type":432,"version_end":503,"version_end_type":432,"fixed_in":9},"gte14.0.0_lte14.14.0","14.0.0","14.14.0",{"version":505,"is_range":426,"range_type":419,"version_start":506,"version_start_type":432,"version_end":480,"version_end_type":428,"fixed_in":9},"gte14.15.0_lt14.20.0","14.15.0",{"version":508,"is_range":426,"range_type":419,"version_start":509,"version_start_type":432,"version_end":510,"version_end_type":432,"fixed_in":9},"gte16.0.0_lte16.12.0","16.0.0","16.12.0",{"version":512,"is_range":426,"range_type":419,"version_start":513,"version_start_type":432,"version_end":514,"version_end_type":428,"fixed_in":9},"gte16.13.0_lt16.16.0","16.13.0","16.16.0",{"version":516,"is_range":426,"range_type":419,"version_start":517,"version_start_type":432,"version_end":496,"version_end_type":428,"fixed_in":9},"gte18.0.0_lt18.5.0","18.0.0",{"ecosystem":519,"name":421,"vendor":519,"product":421,"cpe_part":9,"purl_type":520,"purl_namespace":9,"purl_name":421,"source":9,"versions":521},"Npm","npm",[522],{"version":523,"is_range":426,"range_type":524,"version_start":9,"version_start_type":9,"version_end":433,"version_end_type":428,"fixed_in":9},"lt6_0_7","semver",{"ecosystem":9,"name":526,"vendor":527,"product":528,"cpe_part":422,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"stormshield management center","stormshield","stormshield_management_center",[530],{"version":531,"is_range":426,"range_type":419,"version_start":9,"version_start_type":9,"version_end":532,"version_end_type":428,"fixed_in":9},"lt3.3.0","3.3.0"]