Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
20 vulnerabilities by undici
CVE-2026-11525 (GCVE-0-2026-11525)
Vulnerability from cvelistv5 – Published: 2026-06-17 17:31 – Updated: 2026-06-17 17:54
VLAI
Title
undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching
Summary
Impact:
When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example, SameSite=NoneOfYourBusiness is parsed as None (the most permissive setting), and SameSite=StrictLax is parsed as Lax (a downgrade from Strict).
Affected applications are those that consume Set-Cookie headers from server responses (for example via undici's fetch or proxy code paths) and then forward or rely on the parsed sameSite attribute. A malicious or non-compliant server can coerce the consumer's view of a cookie's SameSite policy to a weaker value, silently degrading the SameSite enforcement the cookie is supposed to provide.
This was introduced in undici 5.15.0 when the cookies feature was added.
Patches:
Upgrade to undici v6.26.0, v7.28.0 or v8.5.0.
Workarounds:
After parsing a Set-Cookie header, validate that the resulting sameSite attribute is one of 'Strict', 'Lax', or 'None' (exact, case-insensitive) before forwarding or relying on it.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-183 - Permissive List of Allowed Inputs
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11525",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:53:40.763762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:54:22.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "6.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.26.0",
"versionType": "semver"
},
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "KhafraDev"
},
{
"lang": "en",
"type": "remediation developer",
"value": "mcollina"
},
{
"lang": "en",
"type": "reporter",
"value": "tndud042713"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nWhen undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example, SameSite=NoneOfYourBusiness is parsed as None (the most permissive setting), and SameSite=StrictLax is parsed as Lax (a downgrade from Strict).\n\nAffected applications are those that consume Set-Cookie headers from server responses (for example via undici\u0027s fetch or proxy code paths) and then forward or rely on the parsed sameSite attribute. A malicious or non-compliant server can coerce the consumer\u0027s view of a cookie\u0027s SameSite policy to a weaker value, silently degrading the SameSite enforcement the cookie is supposed to provide.\n\nThis was introduced in undici 5.15.0 when the cookies feature was added.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nAfter parsing a Set-Cookie header, validate that the resulting sameSite attribute is one of \u0027Strict\u0027, \u0027Lax\u0027, or \u0027None\u0027 (exact, case-insensitive) before forwarding or relying on it."
}
],
"value": "Impact:\nWhen undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example, SameSite=NoneOfYourBusiness is parsed as None (the most permissive setting), and SameSite=StrictLax is parsed as Lax (a downgrade from Strict).\n\nAffected applications are those that consume Set-Cookie headers from server responses (for example via undici\u0027s fetch or proxy code paths) and then forward or rely on the parsed sameSite attribute. A malicious or non-compliant server can coerce the consumer\u0027s view of a cookie\u0027s SameSite policy to a weaker value, silently degrading the SameSite enforcement the cookie is supposed to provide.\n\nThis was introduced in undici 5.15.0 when the cookies feature was added.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nAfter parsing a Set-Cookie header, validate that the resulting sameSite attribute is one of \u0027Strict\u0027, \u0027Lax\u0027, or \u0027None\u0027 (exact, case-insensitive) before forwarding or relying on it."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-183",
"description": "CWE-183: Permissive List of Allowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:31:03.163Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-g8m3-5g58-fq7m"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-11525",
"datePublished": "2026-06-17T17:31:03.163Z",
"dateReserved": "2026-06-07T18:49:35.986Z",
"dateUpdated": "2026-06-17T17:54:22.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6733 (GCVE-0-2026-6733)
Vulnerability from cvelistv5 – Published: 2026-06-17 17:14 – Updated: 2026-06-17 18:30
VLAI
Title
undici vulnerable to HTTP response queue poisoning via keep-alive socket reuse
Summary
Impact:
Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it associates the injected response with the new request, causing responses to be delivered to the wrong requests.
This requires an attacker-controlled or compromised upstream HTTP/1.1 server and keep-alive connection reuse.
Patches:
Upgrade to undici v6.26.0, v7.28.0 or v8.5.0.
Workarounds:
Disable keep-alive connection reuse by setting keepAliveTimeout: 0 on the Client or Pool.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:30:07.748616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T18:30:26.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "6.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.26.0",
"versionType": "semver"
},
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "mcollina"
},
{
"lang": "en",
"type": "remediation verifier",
"value": "UlisesGascon"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nUndici\u0027s HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it associates the injected response with the new request, causing responses to be delivered to the wrong requests.\n\nThis requires an attacker-controlled or compromised upstream HTTP/1.1 server and keep-alive connection reuse.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nDisable keep-alive connection reuse by setting keepAliveTimeout: 0 on the Client or Pool."
}
],
"value": "Impact:\nUndici\u0027s HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it associates the injected response with the new request, causing responses to be delivered to the wrong requests.\n\nThis requires an attacker-controlled or compromised upstream HTTP/1.1 server and keep-alive connection reuse.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nDisable keep-alive connection reuse by setting keepAliveTimeout: 0 on the Client or Pool."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:14:50.991Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-35p6-xmwp-9g52"
},
{
"url": "https://hackerone.com/reports/3582376"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to HTTP response queue poisoning via keep-alive socket reuse",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-6733",
"datePublished": "2026-06-17T17:14:50.991Z",
"dateReserved": "2026-04-20T22:44:32.835Z",
"dateUpdated": "2026-06-17T18:30:26.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9678 (GCVE-0-2026-9678)
Vulnerability from cvelistv5 – Published: 2026-06-17 17:04 – Updated: 2026-06-17 18:05
VLAI
Title
undici vulnerable to cross-user information disclosure via shared cache whitespace bypass
Summary
Impact:
Undici's cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=" authorization" or no-cache="\tauthorization". The parser preserves the surrounding whitespace, so later comparisons against the literal authorization field name fail and the response is stored.
In shared-cache mode, this allows a response containing one user's authenticated data to be served from cache to a subsequent caller, including an unauthenticated caller, when both requests resolve to the same cache key.
Affected applications are those that explicitly enable the cache interceptor (interceptors.cache()) in shared mode, forward Authorization headers upstream, and receive cacheable responses with non-canonical qualified private or no-cache directives.
Patches:
Upgrade to undici v7.28.0 or v8.5.0.
Workarounds:
If upgrade is not immediately possible, disable shared-cache mode for traffic that includes Authorization headers, avoid caching responses to authenticated requests, or add Vary: Authorization upstream.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-524 - Use of Cache Containing Sensitive Information
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:05:24.378630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T18:05:30.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "mcollina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
},
{
"lang": "en",
"type": "reporter",
"value": "AndrewMohawk"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nUndici\u0027s cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=\" authorization\" or no-cache=\"\\tauthorization\". The parser preserves the surrounding whitespace, so later comparisons against the literal authorization field name fail and the response is stored.\n\nIn shared-cache mode, this allows a response containing one user\u0027s authenticated data to be served from cache to a subsequent caller, including an unauthenticated caller, when both requests resolve to the same cache key.\n\nAffected applications are those that explicitly enable the cache interceptor (interceptors.cache()) in shared mode, forward Authorization headers upstream, and receive cacheable responses with non-canonical qualified private or no-cache directives.\n\nPatches:\nUpgrade to undici v7.28.0 or v8.5.0.\n\nWorkarounds:\nIf upgrade is not immediately possible, disable shared-cache mode for traffic that includes Authorization headers, avoid caching responses to authenticated requests, or add Vary: Authorization upstream."
}
],
"value": "Impact:\nUndici\u0027s cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=\" authorization\" or no-cache=\"\\tauthorization\". The parser preserves the surrounding whitespace, so later comparisons against the literal authorization field name fail and the response is stored.\n\nIn shared-cache mode, this allows a response containing one user\u0027s authenticated data to be served from cache to a subsequent caller, including an unauthenticated caller, when both requests resolve to the same cache key.\n\nAffected applications are those that explicitly enable the cache interceptor (interceptors.cache()) in shared mode, forward Authorization headers upstream, and receive cacheable responses with non-canonical qualified private or no-cache directives.\n\nPatches:\nUpgrade to undici v7.28.0 or v8.5.0.\n\nWorkarounds:\nIf upgrade is not immediately possible, disable shared-cache mode for traffic that includes Authorization headers, avoid caching responses to authenticated requests, or add Vary: Authorization upstream."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:04:09.680Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-pr7r-676h-xcf6"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to cross-user information disclosure via shared cache whitespace bypass",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-9678",
"datePublished": "2026-06-17T17:04:09.680Z",
"dateReserved": "2026-05-27T08:05:04.453Z",
"dateUpdated": "2026-06-17T18:05:30.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9679 (GCVE-0-2026-9679)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:56 – Updated: 2026-06-23 16:12
VLAI
Title
undici vulnerable to HTTP header injection via Set-Cookie percent-decoding
Summary
Impact:
undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either.
Applications that parse a Set-Cookie header and then forward the parsed value into a response header (proxies, middleware, SSR frameworks) become vulnerable to HTTP response header injection: an attacker-controlled upstream can inject arbitrary Set-Cookie, Location, or Cache-Control headers into the application's downstream response, enabling session fixation, open redirect, or cache poisoning.
Affected applications are those that use undici's cookie parsing (parseSetCookie, parseCookie, getSetCookies) and forward the parsed cookie value into a response header.
This was introduced in undici 7.0.0 via PR #3789.
Patches:
Upgrade to undici v6.26.0, v7.28.0 or v8.5.0.
Workarounds:
If upgrade is not immediately possible, do not forward values returned by parseSetCookie/parseCookie/getSetCookies directly into response headers; sanitize the value first to strip or reject CR, LF, NUL, ;, and = bytes.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:31:46.100353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T16:12:38.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "6.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.26.0",
"versionType": "semver"
},
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "tndud042713"
},
{
"lang": "en",
"type": "remediation developer",
"value": "mcollina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "KhafraDev"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nundici\u0027s cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 \u00a75.4 does not specify any decoding and browsers do not decode either.\n\nApplications that parse a Set-Cookie header and then forward the parsed value into a response header (proxies, middleware, SSR frameworks) become vulnerable to HTTP response header injection: an attacker-controlled upstream can inject arbitrary Set-Cookie, Location, or Cache-Control headers into the application\u0027s downstream response, enabling session fixation, open redirect, or cache poisoning.\n\nAffected applications are those that use undici\u0027s cookie parsing (parseSetCookie, parseCookie, getSetCookies) and forward the parsed cookie value into a response header.\n\nThis was introduced in undici 7.0.0 via PR #3789.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nIf upgrade is not immediately possible, do not forward values returned by parseSetCookie/parseCookie/getSetCookies directly into response headers; sanitize the value first to strip or reject CR, LF, NUL, ;, and = bytes."
}
],
"value": "Impact:\nundici\u0027s cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 \u00a75.4 does not specify any decoding and browsers do not decode either.\n\nApplications that parse a Set-Cookie header and then forward the parsed value into a response header (proxies, middleware, SSR frameworks) become vulnerable to HTTP response header injection: an attacker-controlled upstream can inject arbitrary Set-Cookie, Location, or Cache-Control headers into the application\u0027s downstream response, enabling session fixation, open redirect, or cache poisoning.\n\nAffected applications are those that use undici\u0027s cookie parsing (parseSetCookie, parseCookie, getSetCookies) and forward the parsed cookie value into a response header.\n\nThis was introduced in undici 7.0.0 via PR #3789.\n\nPatches:\nUpgrade to undici v6.26.0, v7.28.0 or v8.5.0.\n\nWorkarounds:\nIf upgrade is not immediately possible, do not forward values returned by parseSetCookie/parseCookie/getSetCookies directly into response headers; sanitize the value first to strip or reject CR, LF, NUL, ;, and = bytes."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:56:18.579Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-p88m-4jfj-68fv"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to HTTP header injection via Set-Cookie percent-decoding",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-9679",
"datePublished": "2026-06-17T16:56:18.579Z",
"dateReserved": "2026-05-27T08:59:17.316Z",
"dateUpdated": "2026-06-23T16:12:38.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9697 (GCVE-0-2026-9697)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:46 – Updated: 2026-06-23 03:56
VLAI
Title
undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent
Summary
Impact:
undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername settings.
Applications that pin to an internal or corporate CA via requestTls.ca will, when their proxy URI is SOCKS5, get the default Mozilla CA bundle as the trust anchor instead. Any cert signed by any publicly-trusted CA for the target hostname is accepted, breaking the intended pin and enabling MITM read and tamper of the HTTPS exchange.
Affected applications are those that use undici's ProxyAgent (or Socks5ProxyAgent directly) with SOCKS5 AND rely on requestTls for TLS scope restriction. The bug was introduced in undici 7.23.0 when SOCKS5 support was added.
Patches:
Upgrade to undici v7.28.0 or v8.5.0.
Workarounds:
No workaround is available within the SOCKS5 path. If a SOCKS5 proxy with TLS scope restriction is required and an upgrade is not yet possible, route the traffic through an HTTP-proxy ProxyAgent instead, where requestTls is honored correctly.
Severity
7.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T03:56:05.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.23.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "tonghuaroot"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nundici\u0027s ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node\u0027s default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername settings.\n\nApplications that pin to an internal or corporate CA via requestTls.ca will, when their proxy URI is SOCKS5, get the default Mozilla CA bundle as the trust anchor instead. Any cert signed by any publicly-trusted CA for the target hostname is accepted, breaking the intended pin and enabling MITM read and tamper of the HTTPS exchange.\n\nAffected applications are those that use undici\u0027s ProxyAgent (or Socks5ProxyAgent directly) with SOCKS5 AND rely on requestTls for TLS scope restriction. The bug was introduced in undici 7.23.0 when SOCKS5 support was added.\n\nPatches:\nUpgrade to undici v7.28.0 or v8.5.0.\n\nWorkarounds:\nNo workaround is available within the SOCKS5 path. If a SOCKS5 proxy with TLS scope restriction is required and an upgrade is not yet possible, route the traffic through an HTTP-proxy ProxyAgent instead, where requestTls is honored correctly."
}
],
"value": "Impact:\nundici\u0027s ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node\u0027s default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername settings.\n\nApplications that pin to an internal or corporate CA via requestTls.ca will, when their proxy URI is SOCKS5, get the default Mozilla CA bundle as the trust anchor instead. Any cert signed by any publicly-trusted CA for the target hostname is accepted, breaking the intended pin and enabling MITM read and tamper of the HTTPS exchange.\n\nAffected applications are those that use undici\u0027s ProxyAgent (or Socks5ProxyAgent directly) with SOCKS5 AND rely on requestTls for TLS scope restriction. The bug was introduced in undici 7.23.0 when SOCKS5 support was added.\n\nPatches:\nUpgrade to undici v7.28.0 or v8.5.0.\n\nWorkarounds:\nNo workaround is available within the SOCKS5 path. If a SOCKS5 proxy with TLS scope restriction is required and an upgrade is not yet possible, route the traffic through an HTTP-proxy ProxyAgent instead, where requestTls is honored correctly."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:46:42.706Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-9697",
"datePublished": "2026-06-17T16:46:42.706Z",
"dateReserved": "2026-05-27T12:02:46.825Z",
"dateUpdated": "2026-06-23T03:56:05.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6734 (GCVE-0-2026-6734)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:36 – Updated: 2026-06-23 03:56
VLAI
Title
undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse
Summary
Impact:
When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination.
This causes cross-origin request routing: credentials and request data intended for origin B are sent to origin A, responses from the wrong origin are trusted, and HTTPS requests may be silently downgraded to HTTP.
Impacted users are applications that use Socks5ProxyAgent (directly or via setGlobalDispatcher) and make requests to more than one origin.
This was introduced in undici 7.23.0 via PR #4385 and affects all versions through 8.1.0.
Patches:
Upgrade to undici v7.26.0 or v8.2.0.
Workarounds:
Use a separate Socks5ProxyAgent instance per origin, or avoid using Socks5ProxyAgent with multiple origins.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-346 - Origin Validation Error
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T03:56:04.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "7.26.0",
"status": "affected",
"version": "7.23.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.26.0",
"versionType": "semver"
},
{
"lessThan": "8.2.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.2.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ChALkeR"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "mcollina"
},
{
"lang": "en",
"type": "remediation verifier",
"value": "UlisesGascon"
},
{
"lang": "en",
"type": "finder",
"value": "deepview-autofix"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nWhen using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool\u0027s origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination.\n\nThis causes cross-origin request routing: credentials and request data intended for origin B are sent to origin A, responses from the wrong origin are trusted, and HTTPS requests may be silently downgraded to HTTP.\n\nImpacted users are applications that use Socks5ProxyAgent (directly or via setGlobalDispatcher) and make requests to more than one origin.\n\nThis was introduced in undici 7.23.0 via PR #4385 and affects all versions through 8.1.0.\n\nPatches:\nUpgrade to undici v7.26.0 or v8.2.0.\n\nWorkarounds:\nUse a separate Socks5ProxyAgent instance per origin, or avoid using Socks5ProxyAgent with multiple origins."
}
],
"value": "Impact:\nWhen using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool\u0027s origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination.\n\nThis causes cross-origin request routing: credentials and request data intended for origin B are sent to origin A, responses from the wrong origin are trusted, and HTTPS requests may be silently downgraded to HTTP.\n\nImpacted users are applications that use Socks5ProxyAgent (directly or via setGlobalDispatcher) and make requests to more than one origin.\n\nThis was introduced in undici 7.23.0 via PR #4385 and affects all versions through 8.1.0.\n\nPatches:\nUpgrade to undici v7.26.0 or v8.2.0.\n\nWorkarounds:\nUse a separate Socks5ProxyAgent instance per origin, or avoid using Socks5ProxyAgent with multiple origins."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346: Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:36:55.439Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-6734",
"datePublished": "2026-06-17T16:36:55.439Z",
"dateReserved": "2026-04-20T22:57:40.878Z",
"dateUpdated": "2026-06-23T03:56:04.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9675 (GCVE-0-2026-9675)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:20 – Updated: 2026-06-17 17:29
VLAI
Title
undici WebSocket client vulnerable to denial of service via cumulative fragment bypass
Summary
Impact:
The undici WebSocket client enforces maxPayloadSize per-frame but does not enforce the cumulative size of fragmented uncompressed messages. A malicious WebSocket server can stream many small fragments that each pass per-frame validation but collectively exceed the configured limit, causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.
Affected applications are those using the undici WebSocket client (new WebSocket(...)) that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.
This is a regression specific to undici 8.1.0. The 6.25.0 line shipped the equivalent cumulative check from the start and is unaffected. The 7.x line never had the maxPayloadSize feature and is also unaffected.
Patches:
Upgrade to undici >= 8.5.0.
Workarounds:
No workaround is available. The fix must be applied through an upgrade.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:29:24.751635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:29:42.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mauriceng98"
},
{
"lang": "en",
"type": "finder",
"value": "Str1ckl4nd"
},
{
"lang": "en",
"type": "remediation developer",
"value": "mcollina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
},
{
"lang": "en",
"type": "finder",
"value": "lzhou1110"
},
{
"lang": "en",
"type": "finder",
"value": "Zyy0530"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nThe undici WebSocket client enforces maxPayloadSize per-frame but does not enforce the cumulative size of fragmented uncompressed messages. A malicious WebSocket server can stream many small fragments that each pass per-frame validation but collectively exceed the configured limit, causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.\n\nAffected applications are those using the undici WebSocket client (new WebSocket(...)) that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.\n\nThis is a regression specific to undici 8.1.0. The 6.25.0 line shipped the equivalent cumulative check from the start and is unaffected. The 7.x line never had the maxPayloadSize feature and is also unaffected.\n\nPatches:\nUpgrade to undici \u003e= 8.5.0.\n\nWorkarounds:\nNo workaround is available. The fix must be applied through an upgrade."
}
],
"value": "Impact:\nThe undici WebSocket client enforces maxPayloadSize per-frame but does not enforce the cumulative size of fragmented uncompressed messages. A malicious WebSocket server can stream many small fragments that each pass per-frame validation but collectively exceed the configured limit, causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.\n\nAffected applications are those using the undici WebSocket client (new WebSocket(...)) that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.\n\nThis is a regression specific to undici 8.1.0. The 6.25.0 line shipped the equivalent cumulative check from the start and is unaffected. The 7.x line never had the maxPayloadSize feature and is also unaffected.\n\nPatches:\nUpgrade to undici \u003e= 8.5.0.\n\nWorkarounds:\nNo workaround is available. The fix must be applied through an upgrade."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:20:32.548Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-38rv-x7px-6hhq"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici WebSocket client vulnerable to denial of service via cumulative fragment bypass",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-9675",
"datePublished": "2026-06-17T16:20:32.548Z",
"dateReserved": "2026-05-27T07:10:38.904Z",
"dateUpdated": "2026-06-17T17:29:42.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12151 (GCVE-0-2026-12151)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:05 – Updated: 2026-06-17 17:30
VLAI
Title
undici WebSocket client vulnerable to denial of service via fragment count bypass
Summary
Impact:
The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size validation, collectively causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.
Affected applications are those using the undici WebSocket client (new WebSocket(...)) or the WebSocketStream API that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.
All releases starting at undici 6.17.0 are affected.
Patches: Upgrade to undici >= 6.26.0, >= 7.28.0, or >= 8.5.0. Workarounds:
No workaround is available. The fix must be applied through an upgrade.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:29:57.305732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:30:13.782Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/undici",
"product": "undici",
"vendor": "undici",
"versions": [
{
"lessThan": "6.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.26.0",
"versionType": "semver"
},
{
"lessThan": "7.28.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "lpinca"
},
{
"lang": "en",
"type": "finder",
"value": "Nadav0077"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "UlisesGascon"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Impact:\nThe undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size validation, collectively causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.\n\nAffected applications are those using the undici WebSocket client (new WebSocket(...)) or the WebSocketStream API that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.\n\nAll releases starting at undici 6.17.0 are affected.\n\nPatches:\u0026nbsp;Upgrade to undici \u0026gt;= 6.26.0, \u0026gt;= 7.28.0, or \u0026gt;= 8.5.0.\u0026nbsp;Workarounds:\nNo workaround is available. The fix must be applied through an upgrade."
}
],
"value": "Impact:\nThe undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size validation, collectively causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.\n\nAffected applications are those using the undici WebSocket client (new WebSocket(...)) or the WebSocketStream API that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.\n\nAll releases starting at undici 6.17.0 are affected.\n\nPatches:\u00a0Upgrade to undici \u003e= 6.26.0, \u003e= 7.28.0, or \u003e= 8.5.0.\u00a0Workarounds:\nNo workaround is available. The fix must be applied through an upgrade."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:05:38.785Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"title": "undici WebSocket client vulnerable to denial of service via fragment count bypass",
"x_generator": {
"engine": "cve-kit 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-12151",
"datePublished": "2026-06-17T16:05:38.785Z",
"dateReserved": "2026-06-12T18:14:04.454Z",
"dateUpdated": "2026-06-17T17:30:13.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2229 (GCVE-0-2026-2229)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:27 – Updated: 2026-03-13 13:06
VLAI
Title
undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation
Summary
ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range server_max_window_bits value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.
The vulnerability exists because:
* The isValidClientWindowBits() function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15
* The createInflateRaw() call is not wrapped in a try-catch block
* The resulting exception propagates up through the call stack and crashes the Node.js process
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T13:06:30.575811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T13:06:46.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Rafael Gonzaga"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ethan Arrowood"
},
{
"lang": "en",
"type": "reporter",
"value": "Aisle Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\u003c/p\u003e\u003cp\u003eThe vulnerability exists because:\u003c/p\u003e\u003col\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003eisValidClientWindowBits()\u003c/code\u003e\u0026nbsp;function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\u003c/li\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003ecreateInflateRaw()\u003c/code\u003e\u0026nbsp;call is not wrapped in a try-catch block\u003c/li\u003e\u003cli\u003eThe resulting exception propagates up through the call stack and crashes the Node.js process\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u00a0server_max_window_bits\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u00a0server_max_window_bits\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n * The\u00a0isValidClientWindowBits()\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n * The\u00a0createInflateRaw()\u00a0call is not wrapped in a try-catch block\n * The resulting exception propagates up through the call stack and crashes the Node.js process"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught exception",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:27:05.600Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"url": "https://hackerone.com/reports/3487486"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"source": {
"advisory": "GHSA-v9p9-hfj2-hcw8",
"discovery": "UNKNOWN"
},
"title": "undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-2229",
"datePublished": "2026-03-12T20:27:05.600Z",
"dateReserved": "2026-02-08T17:51:16.985Z",
"dateUpdated": "2026-03-13T13:06:46.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1528 (GCVE-0-2026-1528)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:21 – Updated: 2026-03-13 13:04
VLAI
Title
undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client
Summary
ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.
Patches
Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T13:03:59.738320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T13:04:57.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0 \u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation reviewer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\u003cbr\u003e\u003cbr\u003e\u003cb\u003ePatches\u003cbr\u003e\u003c/b\u003e\u003cbr\u003ePatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\n\nPatches\n\nPatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught exception",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:21:57.775Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"url": "https://hackerone.com/reports/3537648"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-f269-vfmq-vjvj",
"discovery": "UNKNOWN"
},
"title": "undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1528",
"datePublished": "2026-03-12T20:21:57.775Z",
"dateReserved": "2026-01-28T12:05:10.024Z",
"dateUpdated": "2026-03-13T13:04:57.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1527 (GCVE-0-2026-1527)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:17 – Updated: 2026-03-13 18:06
VLAI
Title
undici is vulnerable to CRLF Injection via upgrade option
Summary
ImpactWhen an application passes user-controlled input to the upgrade option of client.request(), an attacker can inject CRLF sequences (\r\n) to:
* Inject arbitrary HTTP headers
* Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)
The vulnerability exists because undici writes the upgrade value directly to the socket without validating for invalid header characters:
// lib/dispatcher/client-h1.js:1121
if (upgrade) {
header += `connection: upgrade\r\nupgrade: ${upgrade}\r\n`
}
Severity
4.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-93 - Improper neutralization of CRLF sequences ('CRLF injection')
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:05:24.550959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:06:03.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "analyst",
"value": "Raul Vega del Valle"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003eImpact\u003c/h3\u003e\u003cp\u003eWhen an application passes user-controlled input to the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;option of\u0026nbsp;\u003ccode\u003eclient.request()\u003c/code\u003e, an attacker can inject CRLF sequences (\u003ccode\u003e\\r\\n\u003c/code\u003e) to:\u003c/p\u003e\u003col\u003e\u003cli\u003eInject arbitrary HTTP headers\u003c/li\u003e\u003cli\u003eTerminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe vulnerability exists because undici writes the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;value directly to the socket without validating for invalid header characters:\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003e// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\u003c/pre\u003e\u003c/div\u003e"
}
],
"value": "ImpactWhen an application passes user-controlled input to the\u00a0upgrade\u00a0option of\u00a0client.request(), an attacker can inject CRLF sequences (\\r\\n) to:\n\n * Inject arbitrary HTTP headers\n * Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\nThe vulnerability exists because undici writes the\u00a0upgrade\u00a0value directly to the socket without validating for invalid header characters:\n\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93 Improper neutralization of CRLF sequences (\u0027CRLF injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:17:18.984Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
},
{
"url": "https://hackerone.com/reports/3487198"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-4992-7rv2-5pvq",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to CRLF Injection via upgrade option",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1527",
"datePublished": "2026-03-12T20:17:18.984Z",
"dateReserved": "2026-01-28T12:05:08.491Z",
"dateUpdated": "2026-03-13T18:06:03.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2581 (GCVE-0-2026-2581)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:13 – Updated: 2026-03-13 18:04
VLAI
Title
undici is vulnerable to Unbounded Memory Consumption in in Undici's DeduplicationHandler via Response Buffering leads to DoS
Summary
This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).
In vulnerable Undici versions, when interceptors.deduplicate() is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.
Impacted users are applications that use Undici’s deduplication interceptor against endpoints that may produce large or long-lived response bodies.
PatchesThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.
Users should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of resources without limits or throttling
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:04:49.981133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:04:58.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "finder",
"value": "Adnan Jakati"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eIn vulnerable Undici versions, when\u0026nbsp;\u003ccode\u003einterceptors.deduplicate()\u003c/code\u003e\u0026nbsp;is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\u003c/p\u003e\u003cp\u003eImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\u003c/p\u003e\u003ch2\u003ePatches\u003c/h2\u003e\u003cp\u003eThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\u003c/p\u003e\u003cp\u003eUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when\u00a0interceptors.deduplicate()\u00a0is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\nPatchesThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of resources without limits or throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:13:19.571Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
},
{
"url": "https://hackerone.com/reports/3513473"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-phc3-fgpg-7m6h",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to Unbounded Memory Consumption in in Undici\u0027s DeduplicationHandler via Response Buffering leads to DoS",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-2581",
"datePublished": "2026-03-12T20:13:19.571Z",
"dateReserved": "2026-02-16T12:07:35.310Z",
"dateUpdated": "2026-03-13T18:04:58.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1526 (GCVE-0-2026-1526)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:08 – Updated: 2026-03-13 18:04
VLAI
Title
undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression
Summary
The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a "decompression bomb") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.
The vulnerability exists in the PerMessageDeflate.decompress() method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-409 - Improper handling of highly compressed data (data amplification)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:04:06.608247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:04:20.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "finder",
"value": "HO9"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\u003c/p\u003e\u003cp\u003eThe vulnerability exists in the\u0026nbsp;\u003ccode\u003ePerMessageDeflate.decompress()\u003c/code\u003e\u0026nbsp;method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\u003c/p\u003e"
}
],
"value": "The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the\u00a0PerMessageDeflate.decompress()\u00a0method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-409",
"description": "CWE-409 Improper handling of highly compressed data (data amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:08:05.950Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"url": "https://hackerone.com/reports/3481206"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
}
],
"source": {
"advisory": "GHSA-vrm6-8vpv-qv8q",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1526",
"datePublished": "2026-03-12T20:08:05.950Z",
"dateReserved": "2026-01-28T12:05:07.017Z",
"dateUpdated": "2026-03-13T18:04:20.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1525 (GCVE-0-2026-1525)
Vulnerability from cvelistv5 – Published: 2026-03-12 19:56 – Updated: 2026-03-12 20:46
VLAI
Title
undici is vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Summary
Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire.
Who is impacted:
* Applications using undici.request(), undici.Client, or similar low-level APIs with headers passed as flat arrays
* Applications that accept user-controlled header names without case-normalization
Potential consequences:
* Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate Content-Length headers (400 Bad Request)
* HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-444 - Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1525",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T20:44:24.555703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:46:13.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUndici allows duplicate HTTP\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers when they are provided in an array with case-variant names (e.g.,\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;and\u0026nbsp;\u003ccode\u003econtent-length\u003c/code\u003e). This produces malformed HTTP/1.1 requests with multiple conflicting\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;values on the wire.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eWho is impacted:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eApplications using\u0026nbsp;\u003ccode\u003eundici.request()\u003c/code\u003e,\u0026nbsp;\u003ccode\u003eundici.Client\u003c/code\u003e, or similar low-level APIs with headers passed as flat arrays\u003c/li\u003e\u003cli\u003eApplications that accept user-controlled header names without case-normalization\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cstrong\u003ePotential consequences:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cstrong\u003eDenial of Service\u003c/strong\u003e: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (400 Bad Request)\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eHTTP Request Smuggling\u003c/strong\u003e: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Undici allows duplicate HTTP\u00a0Content-Length\u00a0headers when they are provided in an array with case-variant names (e.g.,\u00a0Content-Length\u00a0and\u00a0content-length). This produces malformed HTTP/1.1 requests with multiple conflicting\u00a0Content-Length\u00a0values on the wire.\n\nWho is impacted:\n\n * Applications using\u00a0undici.request(),\u00a0undici.Client, or similar low-level APIs with headers passed as flat arrays\n * Applications that accept user-controlled header names without case-normalization\n\n\nPotential consequences:\n\n * Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u00a0Content-Length\u00a0headers (400 Bad Request)\n * HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking"
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
},
{
"capecId": "CAPEC-273",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-273 HTTP Response Smuggling"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T19:56:55.092Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
},
{
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"url": "https://hackerone.com/reports/3556037"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-2mjp-6q6p-2qxm",
"discovery": "INTERNAL"
},
"title": "undici is vulnerable to Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf upgrading is not immediately possible:\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cstrong\u003eValidate header names\u003c/strong\u003e: Ensure no duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (case-insensitive) are present before passing headers to undici\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eUse object format\u003c/strong\u003e: Pass headers as a plain object (\u003ccode\u003e{ \u0027content-length\u0027: \u0027123\u0027 }\u003c/code\u003e) rather than an array, which naturally deduplicates by key\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eSanitize user input\u003c/strong\u003e: If headers originate from user input, normalize header names to lowercase and reject duplicates\u003c/li\u003e\u003c/ol\u003e"
}
],
"value": "If upgrading is not immediately possible:\n\n * Validate header names: Ensure no duplicate\u00a0Content-Length\u00a0headers (case-insensitive) are present before passing headers to undici\n * Use object format: Pass headers as a plain object ({ \u0027content-length\u0027: \u0027123\u0027 }) rather than an array, which naturally deduplicates by key\n * Sanitize user input: If headers originate from user input, normalize header names to lowercase and reject duplicates"
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1525",
"datePublished": "2026-03-12T19:56:55.092Z",
"dateReserved": "2026-01-28T12:04:51.369Z",
"dateUpdated": "2026-03-12T20:46:13.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1528 (GCVE-0-2026-1528)
Vulnerability from nvd – Published: 2026-03-12 20:21 – Updated: 2026-03-13 13:04
VLAI
Title
undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client
Summary
ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.
Patches
Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T13:03:59.738320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T13:04:57.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0 \u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation reviewer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\u003cbr\u003e\u003cbr\u003e\u003cb\u003ePatches\u003cbr\u003e\u003c/b\u003e\u003cbr\u003ePatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\n\nPatches\n\nPatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught exception",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:21:57.775Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"url": "https://hackerone.com/reports/3537648"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-f269-vfmq-vjvj",
"discovery": "UNKNOWN"
},
"title": "undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1528",
"datePublished": "2026-03-12T20:21:57.775Z",
"dateReserved": "2026-01-28T12:05:10.024Z",
"dateUpdated": "2026-03-13T13:04:57.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2581 (GCVE-0-2026-2581)
Vulnerability from nvd – Published: 2026-03-12 20:13 – Updated: 2026-03-13 18:04
VLAI
Title
undici is vulnerable to Unbounded Memory Consumption in in Undici's DeduplicationHandler via Response Buffering leads to DoS
Summary
This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).
In vulnerable Undici versions, when interceptors.deduplicate() is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.
Impacted users are applications that use Undici’s deduplication interceptor against endpoints that may produce large or long-lived response bodies.
PatchesThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.
Users should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of resources without limits or throttling
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:04:49.981133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:04:58.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "finder",
"value": "Adnan Jakati"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eIn vulnerable Undici versions, when\u0026nbsp;\u003ccode\u003einterceptors.deduplicate()\u003c/code\u003e\u0026nbsp;is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\u003c/p\u003e\u003cp\u003eImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\u003c/p\u003e\u003ch2\u003ePatches\u003c/h2\u003e\u003cp\u003eThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\u003c/p\u003e\u003cp\u003eUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when\u00a0interceptors.deduplicate()\u00a0is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\nPatchesThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of resources without limits or throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:13:19.571Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
},
{
"url": "https://hackerone.com/reports/3513473"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-phc3-fgpg-7m6h",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to Unbounded Memory Consumption in in Undici\u0027s DeduplicationHandler via Response Buffering leads to DoS",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-2581",
"datePublished": "2026-03-12T20:13:19.571Z",
"dateReserved": "2026-02-16T12:07:35.310Z",
"dateUpdated": "2026-03-13T18:04:58.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1527 (GCVE-0-2026-1527)
Vulnerability from nvd – Published: 2026-03-12 20:17 – Updated: 2026-03-13 18:06
VLAI
Title
undici is vulnerable to CRLF Injection via upgrade option
Summary
ImpactWhen an application passes user-controlled input to the upgrade option of client.request(), an attacker can inject CRLF sequences (\r\n) to:
* Inject arbitrary HTTP headers
* Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)
The vulnerability exists because undici writes the upgrade value directly to the socket without validating for invalid header characters:
// lib/dispatcher/client-h1.js:1121
if (upgrade) {
header += `connection: upgrade\r\nupgrade: ${upgrade}\r\n`
}
Severity
4.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-93 - Improper neutralization of CRLF sequences ('CRLF injection')
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:05:24.550959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:06:03.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "analyst",
"value": "Raul Vega del Valle"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003eImpact\u003c/h3\u003e\u003cp\u003eWhen an application passes user-controlled input to the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;option of\u0026nbsp;\u003ccode\u003eclient.request()\u003c/code\u003e, an attacker can inject CRLF sequences (\u003ccode\u003e\\r\\n\u003c/code\u003e) to:\u003c/p\u003e\u003col\u003e\u003cli\u003eInject arbitrary HTTP headers\u003c/li\u003e\u003cli\u003eTerminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe vulnerability exists because undici writes the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;value directly to the socket without validating for invalid header characters:\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003e// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\u003c/pre\u003e\u003c/div\u003e"
}
],
"value": "ImpactWhen an application passes user-controlled input to the\u00a0upgrade\u00a0option of\u00a0client.request(), an attacker can inject CRLF sequences (\\r\\n) to:\n\n * Inject arbitrary HTTP headers\n * Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\nThe vulnerability exists because undici writes the\u00a0upgrade\u00a0value directly to the socket without validating for invalid header characters:\n\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93 Improper neutralization of CRLF sequences (\u0027CRLF injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:17:18.984Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
},
{
"url": "https://hackerone.com/reports/3487198"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-4992-7rv2-5pvq",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to CRLF Injection via upgrade option",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1527",
"datePublished": "2026-03-12T20:17:18.984Z",
"dateReserved": "2026-01-28T12:05:08.491Z",
"dateUpdated": "2026-03-13T18:06:03.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2229 (GCVE-0-2026-2229)
Vulnerability from nvd – Published: 2026-03-12 20:27 – Updated: 2026-03-13 13:06
VLAI
Title
undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation
Summary
ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range server_max_window_bits value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.
The vulnerability exists because:
* The isValidClientWindowBits() function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15
* The createInflateRaw() call is not wrapped in a try-catch block
* The resulting exception propagates up through the call stack and crashes the Node.js process
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T13:06:30.575811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T13:06:46.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Rafael Gonzaga"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ethan Arrowood"
},
{
"lang": "en",
"type": "reporter",
"value": "Aisle Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\u003c/p\u003e\u003cp\u003eThe vulnerability exists because:\u003c/p\u003e\u003col\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003eisValidClientWindowBits()\u003c/code\u003e\u0026nbsp;function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\u003c/li\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003ecreateInflateRaw()\u003c/code\u003e\u0026nbsp;call is not wrapped in a try-catch block\u003c/li\u003e\u003cli\u003eThe resulting exception propagates up through the call stack and crashes the Node.js process\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u00a0server_max_window_bits\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u00a0server_max_window_bits\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n * The\u00a0isValidClientWindowBits()\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n * The\u00a0createInflateRaw()\u00a0call is not wrapped in a try-catch block\n * The resulting exception propagates up through the call stack and crashes the Node.js process"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught exception",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:27:05.600Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"url": "https://hackerone.com/reports/3487486"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"source": {
"advisory": "GHSA-v9p9-hfj2-hcw8",
"discovery": "UNKNOWN"
},
"title": "undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-2229",
"datePublished": "2026-03-12T20:27:05.600Z",
"dateReserved": "2026-02-08T17:51:16.985Z",
"dateUpdated": "2026-03-13T13:06:46.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1526 (GCVE-0-2026-1526)
Vulnerability from nvd – Published: 2026-03-12 20:08 – Updated: 2026-03-13 18:04
VLAI
Title
undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression
Summary
The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a "decompression bomb") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.
The vulnerability exists in the PerMessageDeflate.decompress() method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-409 - Improper handling of highly compressed data (data amplification)
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T18:04:06.608247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:04:20.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "finder",
"value": "HO9"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\u003c/p\u003e\u003cp\u003eThe vulnerability exists in the\u0026nbsp;\u003ccode\u003ePerMessageDeflate.decompress()\u003c/code\u003e\u0026nbsp;method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\u003c/p\u003e"
}
],
"value": "The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the\u00a0PerMessageDeflate.decompress()\u00a0method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-409",
"description": "CWE-409 Improper handling of highly compressed data (data amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:08:05.950Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"url": "https://hackerone.com/reports/3481206"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
}
],
"source": {
"advisory": "GHSA-vrm6-8vpv-qv8q",
"discovery": "EXTERNAL"
},
"title": "undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1526",
"datePublished": "2026-03-12T20:08:05.950Z",
"dateReserved": "2026-01-28T12:05:07.017Z",
"dateUpdated": "2026-03-13T18:04:20.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1525 (GCVE-0-2026-1525)
Vulnerability from nvd – Published: 2026-03-12 19:56 – Updated: 2026-03-12 20:46
VLAI
Title
undici is vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Summary
Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire.
Who is impacted:
* Applications using undici.request(), undici.Client, or similar low-level APIs with headers passed as flat arrays
* Applications that accept user-controlled header names without case-normalization
Potential consequences:
* Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate Content-Length headers (400 Bad Request)
* HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-444 - Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1525",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T20:44:24.555703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:46:13.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ulises Gasc\u00f3n"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUndici allows duplicate HTTP\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers when they are provided in an array with case-variant names (e.g.,\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;and\u0026nbsp;\u003ccode\u003econtent-length\u003c/code\u003e). This produces malformed HTTP/1.1 requests with multiple conflicting\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;values on the wire.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eWho is impacted:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eApplications using\u0026nbsp;\u003ccode\u003eundici.request()\u003c/code\u003e,\u0026nbsp;\u003ccode\u003eundici.Client\u003c/code\u003e, or similar low-level APIs with headers passed as flat arrays\u003c/li\u003e\u003cli\u003eApplications that accept user-controlled header names without case-normalization\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cstrong\u003ePotential consequences:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cstrong\u003eDenial of Service\u003c/strong\u003e: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (400 Bad Request)\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eHTTP Request Smuggling\u003c/strong\u003e: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Undici allows duplicate HTTP\u00a0Content-Length\u00a0headers when they are provided in an array with case-variant names (e.g.,\u00a0Content-Length\u00a0and\u00a0content-length). This produces malformed HTTP/1.1 requests with multiple conflicting\u00a0Content-Length\u00a0values on the wire.\n\nWho is impacted:\n\n * Applications using\u00a0undici.request(),\u00a0undici.Client, or similar low-level APIs with headers passed as flat arrays\n * Applications that accept user-controlled header names without case-normalization\n\n\nPotential consequences:\n\n * Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u00a0Content-Length\u00a0headers (400 Bad Request)\n * HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking"
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
},
{
"capecId": "CAPEC-273",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-273 HTTP Response Smuggling"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T19:56:55.092Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
},
{
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"url": "https://hackerone.com/reports/3556037"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"advisory": "GHSA-2mjp-6q6p-2qxm",
"discovery": "INTERNAL"
},
"title": "undici is vulnerable to Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf upgrading is not immediately possible:\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cstrong\u003eValidate header names\u003c/strong\u003e: Ensure no duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (case-insensitive) are present before passing headers to undici\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eUse object format\u003c/strong\u003e: Pass headers as a plain object (\u003ccode\u003e{ \u0027content-length\u0027: \u0027123\u0027 }\u003c/code\u003e) rather than an array, which naturally deduplicates by key\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eSanitize user input\u003c/strong\u003e: If headers originate from user input, normalize header names to lowercase and reject duplicates\u003c/li\u003e\u003c/ol\u003e"
}
],
"value": "If upgrading is not immediately possible:\n\n * Validate header names: Ensure no duplicate\u00a0Content-Length\u00a0headers (case-insensitive) are present before passing headers to undici\n * Use object format: Pass headers as a plain object ({ \u0027content-length\u0027: \u0027123\u0027 }) rather than an array, which naturally deduplicates by key\n * Sanitize user input: If headers originate from user input, normalize header names to lowercase and reject duplicates"
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-1525",
"datePublished": "2026-03-12T19:56:55.092Z",
"dateReserved": "2026-01-28T12:04:51.369Z",
"dateUpdated": "2026-03-12T20:46:13.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}