exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

CVE-2022-31150

больше 3 лет назад

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.

CVSS3: 5.3

EPSS: Низкий

CVE-2022-31150

больше 3 лет назад

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.

CVSS3: 6.5

EPSS: Низкий

CVE-2022-31150

больше 3 лет назад

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.

CVSS3: 5.3

EPSS: Низкий

CVE-2022-31150

больше 3 лет назад

undici is an HTTP/1.1 client, written from scratch for Node.js. It is ...

CVSS3: 5.3

EPSS: Низкий

GHSA-3cvr-822r-rqcc

больше 3 лет назад

undici before v5.8.0 vulnerable to CRLF injection in request headers

CVSS3: 5.3

EPSS: Низкий

SUSE-SU-2022:3251-1

больше 3 лет назад

Security update for nodejs16

EPSS: Низкий

SUSE-SU-2022:3250-1

больше 3 лет назад

Security update for nodejs16

EPSS: Низкий

SUSE-SU-2022:3196-1

больше 3 лет назад

Security update for nodejs16

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-31150 undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.	CVSS3: 5.3	1% Низкий	больше 3 лет назад
CVE-2022-31150 undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.	CVSS3: 6.5	1% Низкий	больше 3 лет назад
CVE-2022-31150 undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue.	CVSS3: 5.3	1% Низкий	больше 3 лет назад
CVE-2022-31150 undici is an HTTP/1.1 client, written from scratch for Node.js. It is ...	CVSS3: 5.3	1% Низкий	больше 3 лет назад
GHSA-3cvr-822r-rqcc undici before v5.8.0 vulnerable to CRLF injection in request headers	CVSS3: 5.3	1% Низкий	больше 3 лет назад
SUSE-SU-2022:3251-1 Security update for nodejs16			больше 3 лет назад
SUSE-SU-2022:3250-1 Security update for nodejs16			больше 3 лет назад
SUSE-SU-2022:3196-1 Security update for nodejs16			больше 3 лет назад

Уязвимостей на страницу