Undici is vulnerable to Proxy-Authentication header leakage. The vulnerability is due to not clearing Proxy-Authentication
headers on cross-origin redirects. Attackers could potentially exploit this vulnerability to gain unauthorized access or obtain sensitive data transmitted via these headers, leading exposure of sensitive information.
www.openwall.com/lists/oss-security/2024/03/11/1
github.com/nodejs/undici/commit/b9da3e40f1f096a06b4caedbb27c2568730434ef
github.com/nodejs/undici/commit/d3aa574b1259c1d8d329a0f0f495ee82882b1458
github.com/nodejs/undici/releases/tag/v5.28.3
github.com/nodejs/undici/releases/tag/v6.6.1
github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3
security.netapp.com/advisory/ntap-20240419-0007/