Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
Name | Vendor | Start Version | End Version |
---|---|---|---|
Node.js | Nodejs | 10.0.0 (including) | 10.19.0 (excluding) |
Node.js | Nodejs | 12.0.0 (including) | 12.15.0 (excluding) |
Node.js | Nodejs | 13.0.0 (including) | 13.8.0 (excluding) |