Predictable Boundary Selection

🗓️ 27 Jan 2025 06:26:05Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 9 Views

Undici has a predictable boundary selection vulnerability due to Math.random(), risking API tampering.

Reporter	Title	Published	Views	Family All 197
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to CVE-2025-22150 in undici-6.20.1	25 Jun 202516:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Data Synchronization app for IBM QRadar SIEM includes components with known vulnerabilities	15 Aug 202514:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	27 Feb 202513:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities	14 Mar 202510:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affecting IBM Decision Optimization for Cloud Pak for Data are addressed	16 May 202515:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in QRadar Suite Software	13 Mar 202619:11	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.	30 Jun 202523:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to use of insufficient random values [CVE-2025-22150]	29 Jan 202510:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js (CVE-2025-23085, CVE-2025-23084 & CVE-2025-22150)	27 Feb 202516:08	–	ibm

Vulners

Node

nodejs nodejsMatch18.12.1-r0js

AND

nodejs nodejsMatch16.15.0-r0js

AND

nodejs nodejsMatch20.11.1-r0js

AND

nodejs nodejsMatch20.12.1-r0js

AND

nodejs nodejsMatch18.17.0-r0js

AND

nodejs nodejsMatch14.17.0-r0js

AND

nodejs nodejsMatch18.14.2-r0js

AND

nodejs nodejsMatch14.17.1-r0js

AND

nodejs nodejsMatch12.15.0-r1js

AND

nodejs nodejsMatch18.16.1-r0js

AND

nodejs nodejsMatch16.17.0-r0js

AND

nodejs nodejsMatch16.13.1-r0js

AND

nodejs nodejsMatch18.18.2-r0js

AND

nodejs nodejsMatch14.17.6-r1js

AND

nodejs nodejsMatch16.13.2-r1js

AND

nodejs nodejsMatch16.14.2-r0js

AND

nodejs nodejsMatch18.16.0-r0js

AND

nodejs nodejsMatch18.14.1-r0js

AND

nodejs nodejsMatch18.18.1-r0js

AND

nodejs nodejsMatch14.18.1-r1js

AND

nodejs nodejsMatch12.17.0-r0js

AND

nodejs nodejsMatch20.9.0-r0js

AND

nodejs nodejsMatch20.10.0-r0js

AND

nodejs nodejsMatch18.15.0-r1js

AND

nodejs nodejsMatch14.17.3-r0js

AND

nodejs nodejsMatch18.13.0-r0js

AND

nodejs nodejsMatch16.13.1-r1js

AND

nodejs nodejsMatch18.18.2-r1js

AND

nodejs nodejsMatch18.14.0-r0js

AND

nodejs nodejsMatch14.17.5-r0js

AND

nodejs nodejsMatch18.15.0-r0js

AND

nodejs nodejsMatch14.17.2-r0js

AND

nodejs nodejsMatch16.13.2-r0js

AND

nodejs nodejsMatch20.13.1-r0js

AND

nodejs nodejsMatch20.12.2-r0js

AND

nodejs nodejsMatch14.16.1-r2js

AND

nodejs nodejsMatch16.16.0-r1js

AND

nodejs nodejsMatch14.16.0-r0js

AND

nodejs nodejsMatch14.17.4-r0js

AND

nodejs nodejsMatch20.15.1-r0js

AND

nodejs nodejsMatch18.18.0-r0js

AND

nodejs nodejsMatch16.14.2-r1js

AND

nodejs nodejsMatch16.17.1-r0js

AND

nodejs nodejsMatch18.16.0-r1js

AND

nodejs nodejsMatch16.16.0-r0js

AND

nodejs nodejsMatch14.17.6-r0js

AND

nodejs nodejsMatch16.18.0-r1js

AND

nodejs nodejsMatch18.17.1-r0js

AND

nodejs nodejsMatch22.11.0-r1js

AND

nodejs nodejsMatch22.11.0-r2js

AND

nodejs nodejsMatch22.11.0-r0js

AND

nodejs nodejsMatch16.15.0-r1js

AND

nodejs nodejsMatch12.16.2-r0js

AND

nodejs nodejsMatch14.16.0-r1js

AND

nodejs nodejsMatch14.18.0-r0js

AND

alpinelinux alpine_linuxMatchedge

nodejs nodejsMatch22.11.0-r0js

AND

nodejs nodejsMatch22.11.0-r1js

AND

nodejs nodejsMatch20.15.1-r0js

AND

alpinelinux alpine_linuxMatch3.21

nodejs undiciRange4.5.0–5.28.4js

nodejs undiciRange6.0.0–6.21.0js

nodejs undiciRange7.0.0–7.2.2js

nodejs undiciRange4.12.2–5.28.4js

Source	Link
github	www.github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a
hackerone	www.hackerone.com/reports/2913312
github	www.github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0
github	www.github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js
blog	www.blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f
github	www.github.com/advisories/GHSA-c76h-2ccp-4975
github	www.github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385
github	www.github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975

27 Jan 2025 13:20Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.8

EPSS0.00605

SSVC

undici vulnerability predictable boundary math.random()api tampering security flaw.