Node.js was vulnerable to a novel HTTP request smuggling technique

Bad line termination and incorrect parsing of chunk extensions exposed one of two HRS flaws