CVE-2021-22960 – llhttp: HTTP Request Smuggling when parsing the body of chunked requests

https://notcve.org/view.php?id=CVE-2021-22960

The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. La función parse en llhttp versiones anteriores a 2.1.4 y versiones anteriores a 6.0.6. ignora las extensiones chunk cuando analiza el cuerpo de las peticiones chunked. Esto conlleva a un Contrabando de Peticiones HTTP (HRS) bajo determinadas condiciones An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. • https://hackerone.com/reports/1238099 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2021-22960 https://bugzilla.redhat.com/show_bug.cgi?id=2014059 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •