Lucene search
+L

51 matches found

redhat
redhat
added yesterday5 views

undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy

A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...

7.4CVSS6.8AI score0.00476EPSS
Exploits0References6
redhat
redhat
added 5 days ago4 views

undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing

A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from...

8.8CVSS6.6AI score0.00358EPSS
Exploits0References6
osv
osv
added 2026/07/09 12:53 p.m.2 views

OESA-2026-2943 socat security update

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2
redhat
redhat
added 2026/07/06 2:47 p.m.5 views

undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy

A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...

7.4CVSS7AI score0.00476EPSS
Exploits0References6
redhat
redhat
added 2026/07/06 4:52 a.m.7 views

undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy

A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...

7.4CVSS7AI score0.00476EPSS
Exploits0References6
osv
osv
added 2026/07/06 12:0 a.m.5 views

ALSA-2026:35841 Important: nodejs24 security, bug fix, and enhancement update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
euvd
euvd
added 2026/06/26 9:53 p.m.14 views

EUVD-2026-31685

Hackney: ssl:connect/2 post-handshake upgrade has no timeout...

8.2CVSS5.8AI score0.00703EPSS
Exploits1References5
osv
osv
added 2026/06/25 5:17 p.m.3 views

ALPINE-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/25 3:43 p.m.6 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/06/25 3:43 p.m.5 views

EUVD-2026-39455

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/25 3:43 p.m.5 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0
cve
cve
added 2026/06/25 3:43 p.m.27 views

CVE-2026-56123

CVE-2026-56123 affects socat versions 1.8.0.0 through 1.8.1.1. A signed-char sign-extension bug in the DOMAINNAME reply parser during SOCKS5 handshake allows a negative bytes_to_read value to be implicitly converted to size_t, causing an unbounded heap write into a 262-byte reply buffer. This res...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2026/06/20 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection...

7.4CVSS6.7AI score0.00476EPSS
Exploits0References4
euvd
euvd
added 2026/06/18 2:28 p.m.11 views

EUVD-2026-37763

undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent...

7.4CVSS5.8AI score0.00476EPSS
Exploits0References3
github
github
added 2026/06/18 2:28 p.m.12 views

undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername...

7.4CVSS5.9AI score0.00476EPSS
Exploits0References4Affected Software1
redhatcve
redhatcve
added 2026/06/17 11:20 p.m.15 views

CVE-2026-9697

A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...

7.4CVSS6.8AI score0.00476EPSS
Exploits0References5
snyk
snyk
added 2026/06/17 6:20 p.m.14 views

Improper Certificate Validation

Overview undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Improper Certificate Validation in the ProxyAgent when configured with a SOCKS5 proxy URI, which causes the requestTls option to be silently dropped. An attacker can...

7.4CVSS6.4AI score0.00476EPSS
Exploits0References2
osv
osv
added 2026/06/17 4:46 p.m.4 views

CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS6.7AI score0.00476EPSS
Exploits0References15
cvelist
cvelist
added 2026/06/17 4:46 p.m.56 views

CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS0.00476EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/17 4:46 p.m.7 views

CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS6.4AI score0.00476EPSS
Exploits0References2
Rows per page
Query Builder