CVE-2022-31150
CRLF injection in request headers
Public Exploits: 2
Exploited in Wild: -
Decision: -
Descriptions
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions prior to 5.7.1. A fix was published in version 5.8.0. One way to address this issue is to sanitize all HTTP headers that come from untrusted sources so that CRLF sequences are removed.
A flaw was found in the undici package. When a request is built from an unsanitized request path, method, or headers, it is possible to inject Carriage Return/Line Feed (CRLF) sequences into the request, so attacker-controlled input can add headers or terminate the request early.
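The descriptions above state the bug class (CWE-93) and the workaround (strip `\r\n` from untrusted header values) but do not show what the injection actually does on the wire. The example below is added here; it is not undici's code and does not reproduce undici's internals. It uses a constructed, deliberately naive header serialiser to show how a single tainted header value smuggles an extra header and a second request into the HTTP/1.1 request head, and then a hardened serialiser that rejects any header value containing CR, LF or other control bytes before it reaches the socket. The sample tainted value, the host names and the function names are all constructed for the illustration.

```javascript
// Added illustration for CVE-2022-31150 (CWE-93). NOT undici's code: a minimal
// stand-in for how an HTTP/1.1 client serialises request headers, used to show
// why unsanitised header values are dangerous and how the advisory's workaround
// (remove or reject CR/LF in untrusted headers) closes the hole.

// Naive serialiser: concatenates header values into the request head without
// checking them. This is the behaviour class the CVE describes.
function serializeRequestNaive(method, path, host, headers) {
  let head = `${method} ${path} HTTP/1.1\r\nHost: ${host}\r\n`;
  for (const [name, value] of Object.entries(headers)) {
    head += `${name}: ${value}\r\n`;
  }
  return head + '\r\n';
}

// Header lines a server would parse from the first request in `head`
// (request line dropped). More lines than headers passed in means injection.
function headerLines(head) {
  const [block] = head.split('\r\n\r\n');
  return block.split('\r\n').slice(1);
}

// RFC 9110 field-value grammar: visible ASCII, SP, HTAB and obs-text only.
// CR, LF, NUL and other control bytes are rejected rather than stripped, so a
// tampered value fails closed instead of being silently rewritten.
const INVALID_FIELD_VALUE = /[^\t\x20-\x7e\x80-\xff]/;
// RFC 9110 token grammar for field names (tchar).
const INVALID_FIELD_NAME = /[^!#$%&'*+\-.^_`|~0-9A-Za-z]/;

function validateHeader(name, value) {
  if (typeof name !== 'string' || name.length === 0 || INVALID_FIELD_NAME.test(name)) {
    throw new TypeError(`invalid header name: ${JSON.stringify(name)}`);
  }
  const v = String(value);
  if (INVALID_FIELD_VALUE.test(v)) {
    throw new TypeError(`invalid header value for ${name}: ${JSON.stringify(v)}`);
  }
  return v;
}

// Hardened serialiser: same wire format, but every header is validated first.
// This is the "sanitize all HTTP headers from untrusted sources" workaround
// expressed as a reject-on-CRLF check.
function serializeRequestSafe(method, path, host, headers) {
  const clean = {};
  for (const [name, value] of Object.entries(headers)) {
    clean[name] = validateHeader(name, value);
  }
  return serializeRequestNaive(method, path, host, clean);
}

// Constructed attacker-controlled input: meant to be one Accept-Language
// value, but embedded CRLFs add a second header, end the header block, and
// start a second request (request splitting) against the same connection.
const TAINTED = 'en-GB\r\nX-Injected: 1\r\n\r\nGET /admin HTTP/1.1\r\nHost: internal';

// Runs both serialisers on the tainted value and reports what happened.
function demo() {
  const naive = serializeRequestNaive('GET', '/', 'example.test', {
    'Accept-Language': TAINTED,
  });
  const seen = headerLines(naive);
  let blocked = false;
  try {
    serializeRequestSafe('GET', '/', 'example.test', { 'Accept-Language': TAINTED });
  } catch (e) {
    blocked = e instanceof TypeError;
  }
  return {
    naiveHeaderCount: seen.length,             // 3: Host, Accept-Language, X-Injected
    naiveHasInjected: seen.includes('X-Injected: 1'),
    blocked,                                   // true: hardened path refused the value
  };
}

console.log(demo());
```

Rejecting is stricter than the "eliminate `\r\n`" wording in the description: stripping only CRLF leaves a bare LF or CR in place, which some servers still treat as a line terminator, so validating against the full field-value grammar and failing closed is the safer form of the workaround. Either way, the sanitiser is a stop-gap for callers that cannot upgrade; the fix the page points to is undici 5.8.0 or later.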
CVSS Scores
SSVC
- Decision: -
Timeline
- 2022-05-18 CVE Reserved
- 2022-07-19 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2024-10-10 EPSS Updated
- (no date) Exploited in Wild
- (no date) KEV Due Date
CWE
- CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')
CAPEC
References (6)
URL | Tag | Date |
---|---|---|
https://github.com/nodejs/undici/releases/tag/v5.8.0 | Release Notes | |
https://security.netapp.com/advisory/ntap-20220915-0002 | Third Party Advisory | |
https://github.com/nodejs/undici/security/advisories/GHSA-3cvr-822r-rqcc | | 2024-08-03 |
https://hackerone.com/reports/409943 | | 2024-08-03 |
https://access.redhat.com/security/cve/CVE-2022-31150 | | 2022-09-26 |
https://bugzilla.redhat.com/show_bug.cgi?id=2109354 | | 2022-09-26 |