CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22150 – Undici Uses Insufficiently Random Values
https://notcve.org/view.php?id=CVE-2025-22150
21 Jan 2025 — Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If there is a mechanism in an app that sends multipart requests to an attacker-controlled website, they can use this to leak the necessary values. Therefore, an attacker can tamper with the requests going to the... • https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f • CWE-330: Use of Insufficiently Random Values •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-30260 – Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
https://notcve.org/view.php?id=CVE-2024-30260
04 Apr 2024 — Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. Undici es un cliente HTTP/1.1, escrito desde cero para Node.js. Undici borró los encabezados Authorization y Proxy-Authorization para `fetch()`, pero no los borró para `undici.request()`. • https://github.com/nodejs/undici/commit/64e3402da4e032e68de46acb52800c9a06aaea3f • CWE-285: Improper Authorization •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-30261 – Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
https://notcve.org/view.php?id=CVE-2024-30261
04 Apr 2024 — Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. Undici es un cliente HTTP/1.1, escrito desde cero para Node.js. Un atacante puede alterar la opción `integridad` pasada a `fetch()`, permitiendo que `fetch()` acepte solicitudes como válidas incluso si han sido manipuladas. • https://github.com/nodejs/undici/commit/2b39440bd9ded841c93dd72138f3b1763ae26055 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24750 – Backpressure request ignored in fetch() in Undici
https://notcve.org/view.php?id=CVE-2024-24750
16 Feb 2024 — Undici is an HTTP/1.1 client, written from scratch for Node.js. In affected versions calling `fetch(url)` and not consuming the incoming body ((or consuming it very slowing) will lead to a memory leak. This issue has been addressed in version 6.6.1. Users are advised to upgrade. Users unable to upgrade should make sure to always consume the incoming body. • https://github.com/nodejs/undici/commit/87a48113f1f68f60aa09abb07276d7c35467c663 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24758 – Proxy-Authorization header not cleared on cross-origin redirect in fetch in Undici
https://notcve.org/view.php?id=CVE-2024-24758
16 Feb 2024 — Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authentication` headers. This issue has been patched in versions 5.28.3 and 6.6.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. • http://www.openwall.com/lists/oss-security/2024/03/11/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •