Описание
undici before v5.8.0 vulnerable to CRLF injection in request headers
Impact
It is possible to inject CRLF sequences into request headers in Undici.
The same applies to path and method
Patches
Update to v5.8.0
Workarounds
Sanitize all HTTP headers from untrusted sources to eliminate \r\n.
References
https://hackerone.com/reports/409943 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116
For more information
If you have any questions or comments about this advisory:
- Open an issue in undici repository
- To make a report, follow the SECURITY document
Ссылки
- https://github.com/nodejs/undici/security/advisories/GHSA-3cvr-822r-rqcc
- https://nvd.nist.gov/vuln/detail/CVE-2022-31150
- https://github.com/nodejs/undici/commit/a29a151d0140d095742d21a004023d024fe93259
- https://hackerone.com/reports/409943
- https://github.com/nodejs/undici/releases/tag/v5.8.0
- https://security.netapp.com/advisory/ntap-20220915-0002
Пакеты
undici
< 5.8.0
5.8.0
Связанные уязвимости
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.
undici is an HTTP/1.1 client, written from scratch for Node.js. It is ...
