undici before v5.8.0 vulnerable to CRLF injection in request headers
Severity: Medium
Description
It is possible to inject CRLF sequences into request headers in Undici. The same applies to the request path and method.
Recommendation
Update the undici package to the latest compatible version. Version details:
- Affected version(s): < 5.8.0
- Patched version(s): 5.8.0
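As an added example (not part of this advisory and not undici's own code), a Node.js pre-flight check that rejects CR, LF and other control characters in the method, path and headers before an options object reaches the HTTP client, usable as a compensating control while the upgrade is rolled out. `client.request` is assumed to follow undici's `request(options)` shape.

```javascript
// Added example, not undici's own code: a pre-flight check that rejects
// CR, LF and other control characters in the method, path and headers
// before an options object is handed to an HTTP client such as undici.

// RFC 9110 "token": the only characters allowed in header names and methods.
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
// Header values may contain HTAB (0x09) but no other C0 control or DEL.
const BAD_IN_VALUE = /[\u0000-\u0008\u000a-\u001f\u007f]/;
// The request target may contain no control characters and no space.
const BAD_IN_PATH = /[\u0000-\u0020\u007f]/;

// Returns a list of human-readable problems; an empty list means the
// request is safe to send. Header values may be strings or arrays.
function findCrlfProblems({ method = 'GET', path = '/', headers = {} } = {}) {
  const problems = [];
  if (!TOKEN.test(method)) {
    problems.push(`method ${JSON.stringify(method)} is not a valid HTTP token`);
  }
  if (typeof path !== 'string' || !path.startsWith('/') || BAD_IN_PATH.test(path)) {
    problems.push(`path ${JSON.stringify(path)} must start with "/" and contain no control characters or spaces`);
  }
  for (const [name, value] of Object.entries(headers)) {
    if (!TOKEN.test(name)) {
      problems.push(`header name ${JSON.stringify(name)} is not a valid HTTP token`);
    }
    for (const v of [].concat(value)) {
      const s = String(v); // numbers such as Content-Length are fine
      if (BAD_IN_VALUE.test(s)) {
        problems.push(`header ${name} has a value with control characters: ${JSON.stringify(s)}`);
      }
    }
  }
  return problems;
}

// Wrapper that refuses to forward a tainted request to the real client.
// `client.request(options)` is assumed to have undici's request() shape.
async function safeRequest(client, options) {
  const problems = findCrlfProblems(options);
  if (problems.length > 0) {
    throw new Error(`refusing request: ${problems.join('; ')}`);
  }
  return client.request(options);
}
```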
References
- GHSA-3cvr-822r-rqcc
- hackerone.com
- security.netapp.com
- CVE-2022-31150
- CWE-93
- CAPEC-310
- OWASP 2021-A3
- OWASP 2021-A6
Related Issues
- Nodejs ‘undici’ vulnerable to CRLF Injection via Content-Type - CVE-2022-35948
- undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirect - CVE-2022-31151
- `undici.request` vulnerable to SSRF using absolute URL on `pathname` - CVE-2022-35949
- Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service - CVE-2022-35204
Tags: npm, undici
Last updated on January 27, 2023