6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-11525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the...
PT-2026-50456
Name of the Vulnerable Software and Affected Versions undici versions 6.17.0 through 6.25.x undici versions 7.0.0 through 7.27.x undici versions 8.0.0 through 8.4.x Description The WebSocket client fails to limit the number of fragments in a message, only enforcing the maxPayloadSize on the...
TencentOS Server 4: nodejs20 (TSSA-2026:0186)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0186 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
0utmailauth (=1.0.0), 0xsodium (>=0.2.0 <=0.14.0) +13862 more potentially affected by CVE-2026-2229 via undici (>=0.3.3 <=6.23.0)
undici NPM version =0.3.3, =0.2.0, =1.0.0, =0.2.0, =0.4.0, =0.1.0, =0.0.1, =1.0.21, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-2229 Source advisory: OSV:GHSA-V9P9-HFJ2-HCW8...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.1.0-dev.260119.0a66443 <=0.3.0) +226 more potentially affected by CVE-2026-2581 via undici (>=7.18.0 <=7.22.0)
undici NPM version =7.18.0, =0.1.1, =0.1.0-dev.260119.0a66443, =0.0.1, =0.1.0, =0.1.3, =21.1.0, =1.0.1, =1.0.1-beta.0, =2026.1.14, =0.13.100, =1.21.1, =0.12.5, =0.0.1, =0.0.0-dev.20251108074143, =1.2.1-dev.20260414125348 and more Source cves: CVE-2026-2581 Source advisory: OSV:GHSA-PHC3-FGPG-7M6H...
@01.software/sdk (>=0.0.1-251008.90016 <=0.1.0-dev.260109.7cf07c9), @adenta/cms (>=0.0.6 <=1.1.1-0) +258 more potentially affected by CVE-2026-22036 via undici (>=7.0.0-alpha.3 <=7.18.0)
undici NPM version =7.0.0-alpha.3, =0.0.1-251008.90016, =0.0.6, =0.0.2, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =0.5.0, =1.0.1-dev.120, =12.6.9, =0.1.6, =0.13.70, =1.13.0, =1.21.0 and more Source cves: CVE-2026-22036 Source advisory: SNYK:JS-UNDICI-14943963...