Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2026/06/19 2:20 p.m.9 views

undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse

Impact When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination. This cause...

8.8CVSS6.4AI score0.00277EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/19 2:20 p.m.9 views

EUVD-2026-37760

undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse...

7.5CVSS6.4AI score0.00277EPSS
Exploits0References4
OSV
OSV
added 2026/06/19 2:20 p.m.8 views

GHSA-HM92-R4W5-C3MJ undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse

Impact When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination. This cause...

7.5CVSS6.4AI score0.00277EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/06/19 2:20 p.m.7 views

NPM: undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse

NPM: undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse vulnerability discovered by ? in WordPress Npm undici versions = 7.23.0, 7.28.0...

8.8CVSS6.4AI score0.00277EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/06/17 6:18 p.m.9 views

CVE-2026-6734

Impact: When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination. This caus...

8.8CVSS0.00277EPSS
Exploits0References9
CVE
CVE
added 2026/06/17 4:36 p.m.39 views

CVE-2026-6734

Summary of CVE-2026-6734 : A vulnerability in undici’s Socks5ProxyAgent causes cross-origin request routing by reusing a single connection pool across multiple origins without verifying the pool origin. As a result, requests for origin B can be dispatched through the pool for origin A; credential...

8.8CVSS5.3AI score0.00277EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/17 4:36 p.m.8 views

CVE-2026-6734 undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse

Impact: When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination. This caus...

7.5CVSS5.3AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50513

Name of the Vulnerable Software and Affected Versions undici versions 7.23.0 through 8.1.0 Description When using Socks5ProxyAgent, the software reuses a single connection pool across different origins without verifying if the pool's origin matches the requested origin. This leads to cross-origin...

8.8CVSS5.8AI score0.00277EPSS
Exploits0References27
Rows per page
Query Builder