nodejs Undici Vulnerabilities
Nodejs Undici vulnerabilities.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Memory Leak Vulnerability in Undici HTTP Client for Node.js
CVE-2025-47279NodejsUndici3.1LOWHTTP Client Vulnerability in Undici Affecting Node.js Applications
CVE-2025-22150NodejsUndici6.8MEDIUMPatched Memory Leak in Undici HTTP/1.1 Client
CVE-2024-38372NodejsUndici2LOWUndici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
CVE-2024-30260NodejsUndici4.3MEDIUMUndici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect
CVE-2024-30261NodejsUndici2.6LOWMemory Leak in Undici HTTP/1.1 Client Affects Users, Upgrade to 6.6.1 Advised
CVE-2024-24750NodejsUndici6.5MEDIUMUndici Patches Authentication Header Vulnerability
CVE-2024-24758NodejsUndici3.9LOWUndici's cookie header not cleared on cross-origin redirect in fetch
CVE-2023-45143NodejsUndici3.9LOWCRLF Injection in Nodejs ‘undici’ via host
CVE-2023-23936NodejsUndici6.5MEDIUMUndici vulnerable to Regular Expression Denial of Service in Headers
CVE-2023-24807NodejsUndici7.5HIGHCRLF Injection in Nodejs ‘undici’ via Content-Type
CVE-2022-35948NodejsUndici5.3MEDIUM`undici.request` vulnerable to SSRF using absolute URL on `pathname`
CVE-2022-35949NodejsUndici5.3MEDIUMUncleared cookies on cross-host/cross-origin redirect in undici
CVE-2022-31151NodejsUndici3.7LOWCRLF injection in request headers
CVE-2022-31150NodejsUndici5.3MEDIUM
15 May 2025
21 January 2025
8 July 2024
4 April 2024
16 February 2024
12 October 2023
16 February 2023
13 August 2022
12 August 2022
21 July 2022
19 July 2022
No more vulnerabilities to load.