4 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-47279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are...
Important: nodejs20
Issue Overview: Corrupted pointer in node::fs::ReadFileUtf8const FunctionCallbackInfo& args when args0 is a string, resulting in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Info:...
AlmaLinux 9 : nodejs:18 (ALSA-2025:1446)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1446 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 Tenable has...
CVE-2024-24750
An uncontrolled resource consumption flaw was found in undici. Calling fetchurl and not consuming the incoming body or consuming it very slowly leads to a memory leak...