CVE-2019-15605

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-15605
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15605.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-15605
Downstream
Related
Published
2020-02-07T15:15:11.287Z
Modified
2026-04-02T01:49:17.194974Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

References

Affected packages

Git / github.com/graalvm/graalvm-ce-builds

Affected ranges

Type
GIT
Repo
https://github.com/graalvm/graalvm-ce-builds
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a73b2856ee6290a92e3b199b17b217d31e9f9254
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a73b2856ee6290a92e3b199b17b217d31e9f9254
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "20.0.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
cf41627411886000429bde058a6594fb7f6d6d47
Fixed
5ba7df3c4b81ab695029dacf34a0aa960be71372
Introduced
2f45ad8060e13d5ac912335096d21526f2f9602b
Fixed
31d3b6d9cbf6f533e7990fa1b7f82976bc384c64
Introduced
111e59b0bcbd364d6f16722ace6dd035e23df2cc
Fixed
6558cfc0b075adfffe0d8c87bbe0d3e0b9326ab5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
cf41627411886000429bde058a6594fb7f6d6d47
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2291e079f22e6df1f7683a05d17364b2ab3bfdab
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b82bb600370db7207a39e53329af228f6af3ffa1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a7ffa8d3fde90e16e1e7f6130fc1665b7d541939
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f6fc46e03674ab1896792b7363ecac0665b5e0c5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
eb66efd6052801e2f10360c51787569da0185808
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
56a0577b2ebf111346779cf790a1f54e0e464078
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b48ff2aa1e57e761fa0825e3dc78105a0d016e16
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a7ffa8d3fde90e16e1e7f6130fc1665b7d541939
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
eb66efd6052801e2f10360c51787569da0185808
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
56a0577b2ebf111346779cf790a1f54e0e464078
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b48ff2aa1e57e761fa0825e3dc78105a0d016e16
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a7ffa8d3fde90e16e1e7f6130fc1665b7d541939
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
eb66efd6052801e2f10360c51787569da0185808
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
56a0577b2ebf111346779cf790a1f54e0e464078
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b48ff2aa1e57e761fa0825e3dc78105a0d016e16
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Database specific 
{
    "versions": [
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.19.0"
        },
        {
            "introduced": "12.0.0"
        },
        {
            "fixed": "12.15.0"
        },
        {
            "introduced": "13.0.0"
        },
        {
            "fixed": "13.8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        }
    ]
}

Affected versions

v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.1.0
v0.1.1
v0.1.10
v0.1.100
v0.1.101
v0.1.102
v0.1.103
v0.1.104
v0.1.11
v0.1.12
v0.1.13
v0.1.14
v0.1.15
v0.1.16
v0.1.17
v0.1.18
v0.1.19
v0.1.2
v0.1.20
v0.1.21
v0.1.22
v0.1.23
v0.1.24
v0.1.25
v0.1.26
v0.1.27
v0.1.28
v0.1.29
v0.1.3
v0.1.30
v0.1.31
v0.1.32
v0.1.33
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.1.90
v0.1.91
v0.1.92
v0.1.93
v0.1.94
v0.1.95
v0.1.96
v0.1.97
v0.1.98
v0.1.99
v0.10.0
v0.10.1
v0.10.10
v0.10.11
v0.10.12
v0.10.13
v0.10.14
v0.10.15
v0.10.16
v0.10.17
v0.10.18
v0.10.19
v0.10.2
v0.10.20
v0.10.21
v0.10.22
v0.10.23
v0.10.24
v0.10.25
v0.10.26
v0.10.27
v0.10.28
v0.10.29
v0.10.3
v0.10.30
v0.10.31
v0.10.32
v0.10.33
v0.10.34
v0.10.35
v0.10.36
v0.10.37
v0.10.38
v0.10.39
v0.10.4
v0.10.40
v0.10.41
v0.10.41-rc.1
v0.10.42
v0.10.43
v0.10.44
v0.10.45
v0.10.46
v0.10.47
v0.10.48
v0.10.5
v0.10.6
v0.10.7
v0.10.8
v0.10.9
v0.11.0
v0.11.1
v0.11.10
v0.11.11
v0.11.12
v0.11.13
v0.11.14
v0.11.15
v0.11.16
v0.11.2
v0.11.3
v0.11.4
v0.11.5
v0.11.6
v0.11.7
v0.11.8
v0.11.9
v0.12.0
v0.12.1
v0.12.10
v0.12.11
v0.12.12
v0.12.13
v0.12.14
v0.12.15
v0.12.16
v0.12.17
v0.12.18
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.12.6
v0.12.7
v0.12.8
v0.12.8-rc.1
v0.12.9
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.4.0
v0.4.1
v0.4.10
v0.4.11
v0.4.12
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.4.8
v0.4.9
v0.5.0
v0.5.1
v0.5.10
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.5-rc1
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.15
v0.6.16
v0.6.17
v0.6.18
v0.6.19
v0.6.2
v0.6.20
v0.6.21
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.6.8
v0.6.9
v0.7.0
v0.7.1
v0.7.10
v0.7.10-fixed
v0.7.11
v0.7.12
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9
v0.8.0
v0.8.1
v0.8.10
v0.8.11
v0.8.12
v0.8.13
v0.8.14
v0.8.15
v0.8.16
v0.8.17
v0.8.18
v0.8.19
v0.8.2
v0.8.20
v0.8.21
v0.8.22
v0.8.23
v0.8.24
v0.8.25
v0.8.26
v0.8.27
v0.8.28
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.8.9
v0.9.0
v0.9.1
v0.9.10
v0.9.11
v0.9.12
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9
v1.*
v1.0.0
v1.0.0-release
v10.*
v10.0.0
v12.*
v12.0.0
v12.1.0
v12.10.0
v12.11.0
v12.11.1
v12.12.0
v12.13.0
v12.13.1
v12.14.0
v12.14.1
v12.2.0
v12.3.0
v12.3.1
v12.4.0
v12.5.0
v12.6.0
v12.7.0
v12.8.0
v12.8.1
v12.9.0
v12.9.1
v13.*
v13.0.0
v13.0.1
v13.1.0
v13.2.0
v13.3.0
v13.4.0
v13.5.0
v13.6.0
v13.7.0
vm-19.*
vm-19.3.0
vm-19.3.0.2
vm-19.3.1
vm-19.3.2
vm-19.3.2-pre
vm-19.3.3
vm-19.3.4
vm-19.3.5
vm-19.3.6
vm-20.*
vm-20.0.0
vm-20.0.1
vm-20.1.0
vm-20.2.0
vm-20.3.0
vm-20.3.1
vm-20.3.1.2
vm-20.3.2
vm-20.3.3
vm-20.3.4
vm-21.*
vm-21.0.0
vm-21.0.0.2
vm-21.1.0
vm-21.2.0
vm-21.3.0

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "30"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15605.json"