Количество 11
Количество 11
CVE-2024-30261
Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
CVE-2024-30261
Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
CVE-2024-30261
Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
CVE-2024-30261
CVE-2024-30261
Undici is an HTTP/1.1 client, written from scratch for Node.js. An att ...
GHSA-9qxr-qj54-h672
Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
BDU:2024-03123
Уязвимость клиента HTTP/1.1 undici программной платформы Node.js, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2024:1836-1
Security update for nodejs16
SUSE-SU-2024:1309-1
Security update for nodejs18
SUSE-SU-2024:1307-1
Security update for nodejs18
SUSE-SU-2024:1301-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-30261 Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
 | CVE-2024-30261 Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
 | CVE-2024-30261 Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
 | CVSS3: 3.5 | 0% Низкий | почти 2 года назад | |
| CVE-2024-30261 Undici is an HTTP/1.1 client, written from scratch for Node.js. An att ... | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
| GHSA-9qxr-qj54-h672 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
 | BDU:2024-03123 Уязвимость клиента HTTP/1.1 undici программной платформы Node.js, позволяющая нарушителю выполнить произвольный код | CVSS3: 2.6 | 0% Низкий | почти 2 года назад |
 | SUSE-SU-2024:1836-1 Security update for nodejs16 | больше 1 года назад | ||
| SUSE-SU-2024:1309-1 Security update for nodejs18 | почти 2 года назад | ||
| SUSE-SU-2024:1307-1 Security update for nodejs18 | почти 2 года назад | ||
| SUSE-SU-2024:1301-1 Security update for nodejs20 | почти 2 года назад |
Уязвимостей на страницу