GHSA-9QXR-QJ54-H672 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
Impact If an attacker can alter the integrity option passed to fetch, they can let fetch accept requests as valid even if they have been tampered. Patches Fixed in https://github.com/nodejs/undici/commit/d542b8cd39ec1ba303f038ea26098c3f355974f3. Fixes has been released in v5.28.4 and v6.11.1...