Количество 16
Количество 16
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ...
GHSA-r6ch-mqf9-qc9w
Regular Expression Denial of Service in Headers
SUSE-SU-2023:0738-1
Security update for nodejs18
SUSE-SU-2023:0715-1
Security update for nodejs18
SUSE-SU-2023:0673-1
Security update for nodejs16
SUSE-SU-2023:0609-1
Security update for nodejs16
SUSE-SU-2023:0608-1
Security update for nodejs16
RLSA-2023:2655
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update
ELSA-2023-2655
ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1583
ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE)
ELSA-2023-2654
ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1582
ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад | |
| CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ... | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
| GHSA-r6ch-mqf9-qc9w Regular Expression Denial of Service in Headers | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:0738-1 Security update for nodejs18 | больше 2 лет назад | ||
| SUSE-SU-2023:0715-1 Security update for nodejs18 | больше 2 лет назад | ||
| SUSE-SU-2023:0673-1 Security update for nodejs16 | больше 2 лет назад | ||
| SUSE-SU-2023:0609-1 Security update for nodejs16 | больше 2 лет назад | ||
| SUSE-SU-2023:0608-1 Security update for nodejs16 | больше 2 лет назад | ||
 | RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | около 2 лет назад | ||
| ELSA-2023-2655 ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE) | около 2 лет назад | ||
| ELSA-2023-1583 ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
| ELSA-2023-2654 ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE) | около 2 лет назад | ||
| ELSA-2023-1582 ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад |
Уязвимостей на страницу