Lucene search
+L

PT-2024-2689 · Node.Js +4 · Undici +4

🗓️ 05 Feb 2024 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity
🔗 dbugs.ptsecurity.com👁 5 Views

Undici Node.js does not clear Proxy-Authentication headers on redirects, risking escalation; upgrade to 5.28.3+ or 6.6.1+ or disable these headers.

Related
Refs
ReporterTitlePublishedViews
Family
Oracle linux
18 security, bug fix, and enhancement update
2 Aug 202300:00
oraclelinux
Oracle linux
nodejs security, bug fix, and enhancement update
2 Aug 202300:00
oraclelinux
Oracle linux
nodejs:18 security, bug fix, and enhancement update
10 Aug 202300:00
oraclelinux
Oracle linux
nodejs:16 security, bug fix, and enhancement update
10 Aug 202300:00
oraclelinux
Oracle linux
nodejs:16 security, bug fix, and enhancement update
28 Sep 202300:00
oraclelinux
Oracle linux
nodejs:18 security, bug fix, and enhancement update
28 Sep 202300:00
oraclelinux
Oracle linux
nodejs:18 security, bug fix, and enhancement update
5 Oct 202300:00
oraclelinux
Oracle linux
nodejs security and bug fix update
10 Oct 202300:00
oraclelinux
Oracle linux
18 security update
20 Oct 202300:00
oraclelinux
Oracle linux
nodejs:18 security update
23 Oct 202300:00
oraclelinux
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Feb 2025 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 25.1
CVSS 3.19.8
CVSS 38.2
EPSS0.87211
SSVC
5