{"vulnerability": "CVE-2024-30261", "sightings": [{"uuid": "e1a9837c-452b-4059-aa9d-2175ee55d0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30261", "type": "seen", "source": "https://t.me/arpsyndicate/4729", "content": "#ExploitObserverAlert\n\nCVE-2024-30261\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2024-30261. Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.\n\nFIRST-EPSS: 0.000440000\nARPS-PRIORITY: 0.7172316", "creation_timestamp": "2024-04-20T18:49:39.000000Z"}, {"uuid": "e3382f46-5bc6-408e-8b57-edba4765a3fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30261", "type": "seen", "source": "https://t.me/arpsyndicate/4580", "content": "#ExploitObserverAlert\n\nCVE-2024-30261\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-30261. Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.5780347", "creation_timestamp": "2024-04-12T09:43:22.000000Z"}]}