org.webjars.npm:undici vulnerabilities

Licenses: MIT

Published: 4 years ago Last updated: 3 months ago Latest version: 7.16.0

License

MIT[4.12.2,);

Known vulnerabilities in the org.webjars.npm:undici package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M HTTP Request Smuggling	[0,)
H Uncaught Exception	[6.23.0,)
H Improper Handling of Highly Compressed Data (Data Amplification)	[0,)
H Uncaught Exception	[0,)
M CRLF Injection	[0,)
M Allocation of Resources Without Limits or Throttling	[0,)
L Missing Release of Memory after Effective Lifetime	[,5.29.0)
H Insecure Randomness	[,7.12.0)
L Improper Authorization	[,5.28.4)
L Improper Access Control	[,5.28.4)
L Permissive Cross-domain Policy with Untrusted Domains	[,5.28.3)
L Information Exposure	[,5.27.0)
H Regular Expression Denial of Service (ReDoS)	[,5.20.0)
M CRLF Injection	[,5.20.0)
M CRLF Injection	[,5.10.0)
M Server-side Request Forgery (SSRF)	[,5.10.0)
L Information Exposure	[,5.10.0)
M CRLF Injection	[,5.10.0)
M Improper Certificate Validation	[4.8.2,5.5.1)

17 VERSIONS IN TOTAL See all versions