Filter
AND

Software

nodejs undici
8

F5 BIG-IPInput Validation

medium
4.3
First published (updated )
CVE-2018-12123

Fedoraproject FedoraUndici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2024-30260

npm/undiciBackpressure request ignored in fetch() in Undici

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-24750

npm/undiciProxy-Authorization header not cleared on cross-origin redirect in fetch in Undici

medium
4.5
EPSS
0.04%
First published (updated )
CVE-2024-24758

redhat/nodejsCRLF Injection in Nodejs ‘undici’ via host

medium
6.5
First published (updated )
CVE-2023-23936

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Node.jsXSS

medium
6.5
First published (updated )
CVE-2022-35256

Node.jsXSS

medium
6.5
First published (updated )
CVE-2022-32214

Node.jsXSS

medium
6.5
First published (updated )
CVE-2022-32215

Node.jsXSS

medium
6.5
First published (updated )
CVE-2022-32213

redhat/nodejsInput Validation

medium
5.3
First published (updated )
CVE-2021-22939

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Node.jsLast updated 24 July 2024

medium
4.2
First published (updated )
CVE-2023-23920

redhat/nodeNode.js is vulnerable to a denial of service, caused by an out-of-bounds read in the libuv's uv__idn…

medium
5.3
First published (updated )
CVE-2021-22918

Siemens Sinec InsNode.js could allow a remote attacker to bypass security restrictions. By attempting to read openssl…

medium
5.3
First published (updated )
CVE-2022-32222

Oracle Communications Diameter Signaling Router0-byte record padding oracle

medium
5.9
First published (updated )
CVE-2019-1559

OpenSSL libcryptoInfoleak

medium
5.9
First published (updated )
CVE-2017-3732

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Node.jsLast updated 24 July 2024

medium
5.9
First published (updated )
CVE-2016-7055

OpenSSL libcryptoLast updated 24 July 2024

medium
5.9
First published (updated )
CVE-2016-6306

OpenSSL libcryptoLast updated 24 July 2024

medium
5.5
First published (updated )
CVE-2016-2178

Node.jsXSS, Input Validation

medium
6.8
First published (updated )
CVE-2021-3672

Fedoraproject FedoraPath Traversal

medium
5.3
First published (updated )
CVE-2023-32003

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Node.jsNode.js could allow a remote attacker to obtain sensitive information, caused by the failure to rest…

medium
5.3
First published (updated )
CVE-2023-32005

Node.jsNode.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encodi…

medium
4.3
First published (updated )
CVE-2017-15897

Oracle Primavera P6 Enterprise Project Portfolio ManagementTiming attack against ECDSA signature generation

medium
5.9
First published (updated )
CVE-2018-0735

Node.jsInput Validation

medium
6.4
First published (updated )
CVE-2012-2330

Node.jsInput Validation

medium
5
First published (updated )
CVE-2013-4450

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

IBM Security Verify GovernanceThe qs module before 1.0.0 in Node.js does not call the compact function for array data, which allow…

medium
5
First published (updated )
CVE-2014-7191

Node.jsBuffer Overflow

medium
5
First published (updated )
CVE-2014-5256

Debian Debian Linuxnode 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidt…

medium
6.8
First published (updated )
CVE-2015-2927

Node.jsThe tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x be…

medium
5.9
First published (updated )
CVE-2016-7099

Node.jsCRLF Injection

medium
6.1
First published (updated )
CVE-2016-5325

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203