Vulnerabilities > Nodejs > Undici > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-04 | CVE-2024-30260 | Incorrect Authorization vulnerability in multiple products Undici is an HTTP/1.1 client, written from scratch for Node.js. | 4.3 |
2024-02-16 | CVE-2024-24750 | Memory Leak vulnerability in Nodejs Undici Undici is an HTTP/1.1 client, written from scratch for Node.js. | 6.5 |
2024-02-16 | CVE-2024-24758 | Unspecified vulnerability in Nodejs Undici Undici is an HTTP/1.1 client, written from scratch for Node.js. | 4.5 |
2023-02-16 | CVE-2023-23936 | Injection vulnerability in Nodejs Undici Undici is an HTTP/1.1 client for Node.js. | 5.4 |
2022-08-15 | CVE-2022-35948 | Unspecified vulnerability in Nodejs Undici undici is an HTTP/1.1 client, written from scratch for Node.js.`=< [email protected]` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. | 5.3 |
2022-07-21 | CVE-2022-31151 | Unspecified vulnerability in Nodejs Undici Authorization headers are cleared on cross-origin redirect. | 6.5 |
2022-07-19 | CVE-2022-31150 | Unspecified vulnerability in Nodejs Undici undici is an HTTP/1.1 client, written from scratch for Node.js. | 6.5 |
2022-07-14 | CVE-2022-32210 | Improper Certificate Validation vulnerability in Nodejs Undici `Undici.ProxyAgent` never verifies the remote server's certificate, and always exposes all request & response data to the proxy. | 6.5 |