Overview

File _patchinfo of Package patchinfo.26220

<patchinfo incident="26220">
  <issue tracker="cve" id="2022-32213"/>
  <issue tracker="cve" id="2022-35256"/>
  <issue tracker="bnc" id="1203832">VUL-0: CVE-2022-35256: nodejs10,nodejs8,nodejs12,nodejs16,nodejs14,nodejs4,nodejs6: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields</issue>
  <issue tracker="bnc" id="1201325">VUL-0: CVE-2022-32213: nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding</issue>
  <packager>adamm</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for nodejs10</summary>
  <description>This update for nodejs10 fixes the following issues:

  - CVE-2022-35256: Fixed incorrect parsing of header fields (bsc#1203832).
  - CVE-2022-32213: Fixed bypass via obs-fold mechanic (bsc#1201325).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places