Lucene search
Veracode Vulnerability DatabaseVERACODE:36419HistoryJul 20, 2022 - 4:30 a.m.
CRLF Injection
2022-07-2004:30:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
35
0.001 Low
EPSS
Percentile
48.4%
undici is vulnerable to CRLF Injection. The vulnerability exists due to the lack of sanitization used in the request path url in the request class of request.js, allowing an attacker to inject and execute malicious request headers when that header contains the \r\n characters.
Related
debiancve
debiancve
CVE-2022-31150
2022-07-19 21:15:15
cve
cve
CVE-2022-31150
2022-07-19 21:15:15
ubuntucve
ubuntucve
CVE-2022-31150
2022-07-19 00:00:00
osv
osv
CVE-2022-31150
2022-07-19 21:15:15
undici before v5.8.0 vulnerable to CRLF injection in request headers
2022-07-21 20:30:10
prion
prion
Crlf injection
2022-07-19 21:15:00
redhatcve
redhatcve
CVE-2022-31150
2022-07-21 10:48:26
cvelist
cvelist
CVE-2022-31150 CRLF injection in request headers
2022-07-19 20:40:10
nvd
nvd
CVE-2022-31150
2022-07-19 21:15:15
github
github
undici before v5.8.0 vulnerable to CRLF injection in request headers
2022-07-21 20:30:10
suse
suse
Security update for nodejs16 (moderate)
2022-09-12 00:00:00
Security update for nodejs16 (moderate)
2022-09-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3251-1)
2022-09-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3196-1)
2022-09-09 00:00:00
openSUSE: Security Advisory for nodejs16 (SUSE-SU-2022:3250-1)
2022-09-13 00:00:00
nessus
nessus
SUSE SLES12 Security Update : nodejs16 (SUSE-SU-2022:3196-1)
2022-09-09 00:00:00
SUSE SLES15 Security Update : nodejs16 (SUSE-SU-2022:3250-1)
2022-09-13 00:00:00
SUSE SLES15 Security Update : nodejs16 (SUSE-SU-2022:3251-1)
2022-09-13 00:00:00
redhat
redhat