undici@5.24.0-test.4 vulnerabilities
An HTTP/1.1 client, written from scratch for Node.js
-
latest version
6.21.0
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
8 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the undici package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Improper Authorization due to improper handling of How to fix Improper Authorization? Upgrade |
<5.28.4
>=6.0.0 <6.11.1
|
undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Improper Access Control due to the How to fix Improper Access Control? Upgrade |
<5.28.4
>=6.0.0 <6.11.1
|
undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Permissive Cross-domain Policy with Untrusted Domains due to not clearing How to fix Permissive Cross-domain Policy with Untrusted Domains? Upgrade |
<5.28.3
>=6.0.0 <6.6.1
|
undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Information Exposure during the Note: This is only exploitable if the attacker can control the redirection target. How to fix Information Exposure? Upgrade |
<5.26.2
|