Nodejs Undici 6.10.2 for Node.js

CPE Details

Nodejs Undici 6.10.2 for Node.js
nodejs
undici
6.10.2
2024-12-17
18h50 +00:00
2024-12-17
18h50 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nodejs:undici:6.10.2:*:*:*:*:node.js:*:*

Informations

Vendor

nodejs

Product

undici

Version

6.10.2

Target Software

node.js

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-30260 2024-04-04 15h15 +00:00 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
4.3
Moyen
CVE-2024-30261 2024-04-04 15h09 +00:00 Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
3.5
Bas