1. Home
  2. Vulnerabilities
  3. CVE-2024-30261

CVE-2024-30261

CVSS v3.1 2.6 (Low)
26% Progress
EPSS 0.04 % (11th)
0.04% Progress
Advisories 8
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the integrity option passed to fetch(), allowing fetch() to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.

Weaknesses
CWE-284
Improper Access Control
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
GitHub, Inc.
Published Date
2024-04-04 15:15:39
(5 months ago)
Updated Date
2024-04-19 23:15:11
(5 months ago)