Количество 19
Количество 19
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ...
GHSA-r6ch-mqf9-qc9w
Regular Expression Denial of Service in Headers
SUSE-SU-2023:0738-1
Security update for nodejs18
SUSE-SU-2023:0715-1
Security update for nodejs18
SUSE-SU-2023:0673-1
Security update for nodejs16
SUSE-SU-2023:0609-1
Security update for nodejs16
SUSE-SU-2023:0608-1
Security update for nodejs16
RLSA-2023:2655
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update
RLSA-2023:1583
Moderate: nodejs:18 security, bug fix, and enhancement update
ELSA-2023-2655
ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1583
ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE)
RLSA-2023:2654
Moderate: nodejs:18 security, bug fix, and enhancement update
RLSA-2023:1582
Moderate: nodejs:16 security, bug fix, and enhancement update
ELSA-2023-2654
ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1582
ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
 | CVSS3: 7.5 | 0% Низкий | почти 3 года назад | |
| CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ... | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
| GHSA-r6ch-mqf9-qc9w Regular Expression Denial of Service in Headers | CVSS3: 7.5 | 0% Низкий | почти 3 года назад |
 | SUSE-SU-2023:0738-1 Security update for nodejs18 | больше 2 лет назад | ||
| SUSE-SU-2023:0715-1 Security update for nodejs18 | почти 3 года назад | ||
| SUSE-SU-2023:0673-1 Security update for nodejs16 | почти 3 года назад | ||
| SUSE-SU-2023:0609-1 Security update for nodejs16 | почти 3 года назад | ||
| SUSE-SU-2023:0608-1 Security update for nodejs16 | почти 3 года назад | ||
 | RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | больше 2 лет назад | ||
| RLSA-2023:1583 Moderate: nodejs:18 security, bug fix, and enhancement update | больше 2 лет назад | ||
| ELSA-2023-2655 ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
| ELSA-2023-1583 ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
| RLSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update | 10 дней назад | ||
| RLSA-2023:1582 Moderate: nodejs:16 security, bug fix, and enhancement update | больше 2 лет назад | ||
| ELSA-2023-2654 ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
| ELSA-2023-1582 ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад |
Уязвимостей на страницу