CVE-2023-45143 - Cookie Leakage via Cross-Origin Redirects in Node.js Undici HTTP Client
Undici is a popular HTTP/1.1 client, built from scratch for Node.js, often praised for its speed and spec compliance. But in late
CVE-2023-23936 - CRLF Injection in Node.js Undici – Full Guide, Exploit Details, and Fix
Undici is a popular HTTP/1.1 client for Node.js that’s known for being *fast* and *lightweight*. But in early 2023, a critical
CVE-2023-24807 - Undici HTTP Client Regex Dangers — Understanding and Exploiting the ReDoS Vulnerability
Undici is a widely-used HTTP/1.1 client for Node.js. In early 2023, a high-profile vulnerability was discovered in its Headers.set() and Headers.
Episode
00:00:00
00:00:00