MGASA-2020-0131

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2019-15605

Published: 08 Mar 2020, 22:37

Last modified:16 Apr 2026, 04:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Mar 2020, 22:37

Published

Vulnerability first disclosed

16 Apr 2026, 04:25

Last Modified

Vulnerability information updated

Description

Updated http-parser packages fix security vulnerability http-parser has been updated to fix a security issue. HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed (VE-2019-15605).

Affected Systems

mageia•http-parser
< 2.9.3-1.mga7

References (3)

https://advisories.mageia.org/MGASA-2020-0131.html
https://bugs.mageia.org/show_bug.cgi?id=26293
https://access.redhat.com/errata/RHSA-2020:0703