Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

FedoraFEDORA:47E6020D6560

HistoryApr 12, 2024 - 1:21 a.m.

Vulners
/
Fedora
/
[SECURITY] Fedora 39 Update: nodejs-undici-6.11.1-2.fc39

[SECURITY] Fedora 39 Update: nodejs-undici-6.11.1-2.fc39

2024-04-1201:21:51

lists.fedoraproject.org

fedora

update

node.js

http/1.1

client

unix

CVSS3

3.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

AI Score

7.4

Confidence

Low

EPSS

Percentile

10.3%

JSON

An HTTP/1.1 client, written from scratch for Node.js.

OSVersionArchitecturePackageVersionFilename
Fedora39anynodejs-undici< 6.11.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	39	any	nodejs-undici	< 6.11.1	UNKNOWN

fedora 2

ibm 7

nessus 11

openvas 6

cbl_mariner 4

debiancve 2

hackerone 3

osv 4

redhatcve 2

vulnrichment 2

nvd 2

cvelist 2

cve 2

ubuntucve 2

veracode 2

github 2

redhat 1

fedora

[SECURITY] Fedora 38 Update: nodejs-undici-6.11.1-2.fc38

2024-04-12 01:15:45

[SECURITY] Fedora 40 Update: nodejs-undici-6.11.1-2.fc40

2024-04-19 21:41:28

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality due to [CVE-2024-30260] [CVE-2024-30261]

2024-04-23 14:14:02

Security Bulletin: IBM Cloud Pak for Data is vulnerable to bypass security restriction due to Node.js undici module ( CVE-2024-30261, CVE-2024-30260 )

2024-08-08 15:45:10

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a remote authenticated attacker (CVE-2024-30260, CVE-2024-30261)

2024-06-21 15:18:22

nessus

SUSE SLES12 Security Update : nodejs16 (SUSE-SU-2024:1836-1)

2024-05-30 00:00:00

Fedora 40 : nodejs-undici (2024-a5dc987f91)

2024-04-29 00:00:00

Fedora 38 : nodejs-undici (2024-6d9c1da54f)

2024-04-12 00:00:00

openvas

Fedora: Security Advisory (FEDORA-2024-a5dc987f91)

2024-05-27 00:00:00

openSUSE: Security Advisory for nodejs16 (SUSE-SU-2024:1837-1)

2024-06-05 00:00:00

Fedora: Security Advisory (FEDORA-2024-ad51aa23c3)

2024-09-10 00:00:00

cbl_mariner

CVE-2024-30260 affecting package nodejs for versions less than 20.14.0-1

2024-06-21 09:32:44

CVE-2024-30261 affecting package nodejs for versions less than 20.14.0-1

2024-06-21 09:32:44

CVE-2024-30261 affecting package nodejs18 for versions less than 18.20.2-1

2024-05-06 17:48:02

debiancve

CVE-2024-30260

2024-04-04 16:15:08

CVE-2024-30261

2024-04-04 15:15:39

hackerone

Internet Bug Bounty: Proxy-Authorization header not cleared on cross-origin redirect in undici.request

2024-04-07 14:32:15

Node.js: Proxy-Authorization header not cleared on cross-origin redirect in undici.request

2024-03-08 04:43:40

Node.js: fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect

2024-02-18 12:17:23

osv

CVE-2024-30261

2024-04-04 15:15:39

Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect

2024-04-04 14:20:54

Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline

2024-04-04 14:20:39

redhatcve

CVE-2024-30261

2024-04-04 20:21:57

CVE-2024-30260

2024-04-04 20:21:47

vulnrichment

CVE-2024-30261 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect

2024-04-04 15:09:11

CVE-2024-30260 Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline

2024-04-04 15:15:44

nvd

CVE-2024-30261

2024-04-04 15:15:39

CVE-2024-30260

2024-04-04 16:15:08

cvelist

CVE-2024-30260 Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline

2024-04-04 15:15:44

CVE-2024-30261 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect

2024-04-04 15:09:11

cve

CVE-2024-30261

2024-04-04 15:15:39

CVE-2024-30260

2024-04-04 16:15:08

ubuntucve

CVE-2024-30260

2024-04-04 00:00:00

CVE-2024-30261

2024-04-04 00:00:00

veracode

Improper Access Control

2024-04-05 08:59:52

Header Injection

2024-04-05 10:51:03

github

Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect

2024-04-04 14:20:54

Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline

2024-04-04 14:20:39

redhat

(RHSA-2024:6667) Important: Red Hat OpenShift Dev Spaces 3.16.0 release

2024-09-12 20:17:28

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

3.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

AI Score

7.4

Confidence

Low

EPSS

Percentile

10.3%

JSON

Related for FEDORA:47E6020D6560