Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-6733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an...

3.7CVSS7AI score0.00228EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 2:19 p.m.15 views

EUVD-2026-37769

undici vulnerable to HTTP response queue poisoning via keep-alive socket reuse...

3.7CVSS5.8AI score0.00228EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/19 1:58 a.m.10 views

SUSE CVE-2026-6733

Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it...

3.7CVSS5.3AI score0.00228EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/17 11:20 p.m.6 views

CVE-2026-6733

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS4.9AI score0.00228EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/17 6:21 p.m.6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview org.webjars.npm:undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in the HTTP/1.1 client when an attacker-controlled upstream server injects an unsolicited response onto an...

6.3CVSS5.9AI score0.00228EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/17 6:21 p.m.7 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in the HTTP/1.1 client when an attacker-controlled upstream server injects an unsolicited response onto an idle keep-alive...

6.3CVSS5.9AI score0.00228EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:18 p.m.4 views

DEBIAN-CVE-2026-6733

Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it...

3.7CVSS5.3AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50512

Name of the Vulnerable Software and Affected Versions undici versions prior to 6.26.0 undici versions prior to 7.28.0 undici versions prior to 8.5.0 Description The HTTP/1.1 client is subject to response queue poisoning when keep-alive sockets are reused. An attacker-controlled upstream server ca...

3.7CVSS5.3AI score0.00228EPSS
Exploits0References81
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.5 views

SUSE CVE-2025-23143

In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. 1 Reproduction Steps: 1 Mount CIFS...

5.5CVSS6.3AI score0.00176EPSS
Exploits0References3
Rows per page
Query Builder