Lucene search
K

17 matches found

CVE
CVE
added 2023/10/12 4:35 p.m.558 views

CVE-2023-45143

CVE-2023-45143 affects Undici, an HTTP/1.1 client for Node.js. Prior to version 5.26.2, Undici cleared Authorization headers on cross-origin redirects but did not clear Cookie headers, which are forbidden in browser environments. This mismatch between Undici’s header handling and the browser/spec...

3.9CVSS5.5AI score0.01223EPSS
CVE
CVE
added 2023/02/16 5:30 p.m.320 views

CVE-2023-24807

The CVE-2023-24807 issue is in Undici’s header normalization (headerValueNormalize) used by the Headers.fetch API, allowing a Regular Expression Denial of Service when untrusted header values are processed. Affected range is before Undici v5.19.1; the vulnerability is fixed in v5.19.1. Upgrading ...

7.5CVSS7.9AI score0.01304EPSS
CVE
CVE
added 2022/07/19 8:40 p.m.245 views

CVE-2022-31150

CVE-2022-31150 (undici): An HTTP/1.1 client for Node.js is vulnerable to CRLF injection in request headers in undici versions

6.5CVSS7AI score0.01158EPSS
CVE
CVE
added 2022/08/13 12:0 a.m.224 views

CVE-2022-35948

CVE-2022-35948 affects the undici HTTP/1.1 client for Node.js. When user input is unsanitized in the Content-Type header, CRLF Injection can cause multiple requests in a single call (e.g., two GETs). The issue is fixed in undici v5.8.1; workaround: sanitize input before sending as a Content-Type ...

5.3CVSS6.4AI score0.01203EPSS
Web
CVE
CVE
added 2022/07/20 11:0 p.m.215 views

CVE-2022-31151

CVE-2022-31151 affects the Node.js undici HTTP client. The issue is that during cross-origin redirects, authorization headers are cleared but cookie headers are not, potentially leaking cookies to a third party if an attacker controls the redirect target. The problem was patched in undici v5.7.1,...

6.5CVSS5.1AI score0.00584EPSS
CVE
CVE
added 2024/04/04 3:15 p.m.136 views

CVE-2024-30260

Undici (Node.js HTTP/1.1 client) had a header handling flaw: Authorization and Proxy-Authorization were cleared for fetch() but not for undici.request(), exposing potential credential leakage. The issue is addressed in patched releases 5.28.4 and 6.11.1. Affected users should upgrade to these ver...

4.3CVSS4.8AI score0.00734EPSS
CVE
CVE
added 2024/04/04 3:9 p.m.128 views

CVE-2024-30261

CVE-2024-30261 affects Undici (the HTTP/1.1 client used by Node.js). The issue lets an attacker modify the integrity option passed to fetch(), causing fetch() to accept tampered requests. It has been patched in Undici versions 5.28.4 and 6.11.1. Affected Node.js ecosystems (via Undici) may need u...

3.5CVSS4.2AI score0.00803EPSS
CVE
CVE
added 2024/02/16 9:40 p.m.124 views

CVE-2024-24758

Undici (Node.js HTTP/1.1 client) has a vulnerability where Proxy-Authorization headers were not cleared during cross-origin redirects. It is fixed in versions 5.28.3 and 6.6.1. Affected versions include older releases prior to these patches; upgrading to 5.28.3 or 6.6.1 or newer is advised. The i...

4.5CVSS3.9AI score0.00765EPSS
CVE
CVE
added 2026/03/12 7:56 p.m.105 views

CVE-2026-1525

CVE-2026-1525 is an Undici HTTP client issue where passing duplicate Content-Length headers (especially with mixed case variants like Content-Length and content-length) can produce malformed HTTP/1.1 requests and enable HTTP Request Smuggling in misconfigured environments. Public advisories indic...

9.8CVSS5.8AI score0.00493EPSS
CVE
CVE
added 2026/03/12 8:8 p.m.71 views

CVE-2026-1526

undici WebSocket PerMessageDeflate.decompress() can accumulate decompressed data without a size limit, enabling a decompression bomb that may exhaust Node.js memory and crash or render the process unresponsive. The description specifies a denial-of-service via memory exhaustion. No remediation or...

7.5CVSS5.8AI score0.0115EPSS
CVE
CVE
added 2026/06/17 5:31 p.m.62 views

CVE-2026-11525

The issue affects undici’s cookie parsing in Set-Cookie headers. The root cause is a permissive substring match for the SameSite attribute during parsing, accepting any value containing Strict, Lax, or None instead of enforcing a case-insensitive exact match per RFC 6265. This can cause downstrea...

3.7CVSS5.4AI score0.00248EPSS
CVE
CVE
added 2026/03/12 8:27 p.m.54 views

CVE-2026-2229

The CVE affects the undici WebSocket client. It arises from improper validation of the server_max_window_bits parameter in the permessage-deflate extension: isValidClientWindowBits() only checks ASCII digits and not the 8–15 range, and createInflateRaw() is not wrapped in a try-catch. A malicious...

7.5CVSS5.8AI score0.00874EPSS
CVE
CVE
added 2026/03/12 8:21 p.m.48 views

CVE-2026-1528

CVE-2026-1528 : A flaw in undici’s WebSocket handling allows a server to reply with a 64‑bit length frame that specifies an extremely large length. The ByteParser overflows internal math, enters an invalid state, and throws a fatal TypeError that terminates the process. Affected: undici (Node.js ...

7.5CVSS5.8AI score0.00488EPSS
CVE
CVE
added 2026/06/17 5:14 p.m.46 views

CVE-2026-6733

Undici’s HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes; when the client issues the next request on that socket, the injected r...

3.7CVSS5.3AI score0.00228EPSS
CVE
CVE
added 2026/01/14 7:7 p.m.43 views

CVE-2026-22036

Undici (HTTP/1.1 client for Node.js) contains a vulnerability in its decompression chain handling. Before versions 7.18.0 and 6.23.0, the chain can have an unbounded number of links, and the default maxHeaderSize allows a malicious server to insert thousands of compression steps, causing high CPU...

7.5CVSS6.3AI score0.00433EPSS
CVE
CVE
added 2026/06/17 4:56 p.m.35 views

CVE-2026-9679

undici vulnerability CVE-2026-9679 affects the cookie parsing paths (parseSetCookie, parseCookie, getSetCookies). The cookie parser percent-decodes values (via qsUnescape), turning sequences like %0D%0A, %00, %3B, and %3D into literal bytes. RFC 6265 §5.4 does not require decoding and browsers do...

5.9CVSS5.5AI score0.00257EPSS
CVE
CVE
added 2026/03/12 8:17 p.m.32 views

CVE-2026-1527

Undici (Node.js HTTP client) is vulnerable to a CRLF injection via the upgrade option in client.request() when user-controlled input is passed to the upgrade value. The root cause is that the upgrade value is written directly to the socket without validating header characters, allowing an attacke...

4.6CVSS5.9AI score0.00256EPSS