Lucene search
Veracode Vulnerability DatabaseVERACODE:47959HistoryJul 09, 2024 - 5:51 a.m.
Memory Disclosure
2024-07-0905:51:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
undici
vulnerability
memory leakage
arraybuffer()
node.js
network
process conditions
CVSS3
2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
AI Score
6.9
Confidence
High
Undici is vulnerable to Memory Leakage. The vulnerability is due to the response.arrayBuffer() method, which potentially allows an attacker to exposes sensitive portions of memory from Node.js process depending on the network and process conditions.
Related
cvelist
cvelist
ibm
ibm
osv
osv
Undici vulnerable to data leak when using response.arrayBuffer()
2024-07-09 13:32:30
CVE-2024-38372
2024-07-08 21:15:12
nessus
nessus
Node.js Module Undici < 6.19.2 Information Disclosure
2024-07-26 00:00:00
github
github
Undici vulnerable to data leak when using response.arrayBuffer()
2024-07-09 13:32:30
debiancve
debiancve
CVE-2024-38372
2024-07-08 21:15:12
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-38372
2024-07-08 21:15:12
ubuntucve
ubuntucve
CVE-2024-38372
2024-07-08 00:00:00
cve
cve
CVE-2024-38372
2024-07-08 21:15:12
CVSS3
2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
AI Score
6.9
Confidence
High
Related for VERACODE:47959