Количество 19
Количество 19
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
CVE-2023-24807
CVE-2023-24807
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ...
GHSA-r6ch-mqf9-qc9w
Regular Expression Denial of Service in Headers
SUSE-SU-2023:0738-1
Security update for nodejs18
SUSE-SU-2023:0715-1
Security update for nodejs18
SUSE-SU-2023:0673-1
Security update for nodejs16
SUSE-SU-2023:0609-1
Security update for nodejs16
SUSE-SU-2023:0608-1
Security update for nodejs16
RLSA-2023:2655
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update
RLSA-2023:1583
Moderate: nodejs:18 security, bug fix, and enhancement update
ELSA-2023-2655
ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1583
ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE)
RLSA-2023:2654
Moderate: nodejs:18 security, bug fix, and enhancement update
RLSA-2023:1582
Moderate: nodejs:16 security, bug fix, and enhancement update
ELSA-2023-2654
ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE)
ELSA-2023-1582
ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
 | CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
 | CVSS3: 7.5 | 0% Низкий | около 3 лет назад | |
| CVE-2023-24807 Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the ... | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| GHSA-r6ch-mqf9-qc9w Regular Expression Denial of Service in Headers | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
 | SUSE-SU-2023:0738-1 Security update for nodejs18 | около 3 лет назад | ||
| SUSE-SU-2023:0715-1 Security update for nodejs18 | около 3 лет назад | ||
| SUSE-SU-2023:0673-1 Security update for nodejs16 | около 3 лет назад | ||
| SUSE-SU-2023:0609-1 Security update for nodejs16 | около 3 лет назад | ||
| SUSE-SU-2023:0608-1 Security update for nodejs16 | около 3 лет назад | ||
 | RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | почти 3 года назад | ||
| RLSA-2023:1583 Moderate: nodejs:18 security, bug fix, and enhancement update | почти 3 года назад | ||
| ELSA-2023-2655 ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (MODERATE) | почти 3 года назад | ||
| ELSA-2023-1583 ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE) | почти 3 года назад | ||
| RLSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update | 4 месяца назад | ||
| RLSA-2023:1582 Moderate: nodejs:16 security, bug fix, and enhancement update | почти 3 года назад | ||
| ELSA-2023-2654 ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (MODERATE) | почти 3 года назад | ||
| ELSA-2023-1582 ELSA-2023-1582: nodejs:16 security, bug fix, and enhancement update (MODERATE) | почти 3 года назад |
Уязвимостей на страницу