What the vulnerability does
01Description
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
CVSS base score
—
Key dates
02Disclosure timeline
February 7, 2020
CVE published
April 30, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2019-15958 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
CVE-2025-12741 Arbitrary File Write in Denodo dialect of Looker allows Remote Code Execution
CVE-2021-36006 Adobe Photoshop MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability
CVE-2019-1844 Cisco Email Security Appliance Filter Bypass Vulnerability
CVE-2019-19298
