4.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.1%
A sensitive information exposure vulnerability was found in undici. In this issue, it cleared Authorization headers on cross-origin redirects but did not clear the Proxy-Authentication headers.
Proxy-Authentication
bugzilla.redhat.com/show_bug.cgi?id=2264730
github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3
nvd.nist.gov/vuln/detail/CVE-2024-24758
www.cve.org/CVERecord?id=CVE-2024-24758