Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/node-undici@5.8.0%2Bdfsg1%2B~cs18.9.16-1?distro=trixie
Typedeb
Namespacedebian
Namenode-undici
Version5.8.0+dfsg1+~cs18.9.16-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.8.2+dfsg1+~cs18.9.18.1-1
Latest_non_vulnerable_version7.24.6+dfsg+~cs3.2.0-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-wqk1-vxt3-j3bb
vulnerability_id VCID-wqk1-vxt3-j3bb
summary 
undici before v5.8.0 vulnerable to CRLF injection in request headers
### Impact

It is possible to inject CRLF sequences into request headers in Undici.

```js
const undici = require('undici')

const response = undici.request("http://127.0.0.1:1000", {
  headers: {'a': "\r\nb"}
})
```

The same applies to `path` and `method`

### Patches

Update to v5.8.0

### Workarounds

Sanitize all HTTP headers from untrusted sources to eliminate `\r\n`.

### References

https://hackerone.com/reports/409943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [undici repository](https://github.com/nodejs/undici/issues)
* To make a report, follow the [SECURITY](https://github.com/nodejs/node/blob/HEAD/SECURITY.md) document
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31150.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31150
reference_id
reference_type
scores
0
value 0.00507
scoring_system epss
scoring_elements 0.66297
published_at 2026-04-18T12:55:00Z
1
value 0.00507
scoring_system epss
scoring_elements 0.66282
published_at 2026-04-21T12:55:00Z
2
value 0.00507
scoring_system epss
scoring_elements 0.66247
published_at 2026-04-13T12:55:00Z
3
value 0.00507
scoring_system epss
scoring_elements 0.66278
published_at 2026-04-12T12:55:00Z
4
value 0.00507
scoring_system epss
scoring_elements 0.66291
published_at 2026-04-11T12:55:00Z
5
value 0.00507
scoring_system epss
scoring_elements 0.66271
published_at 2026-04-09T12:55:00Z
6
value 0.00507
scoring_system epss
scoring_elements 0.66258
published_at 2026-04-08T12:55:00Z
7
value 0.00507
scoring_system epss
scoring_elements 0.6621
published_at 2026-04-07T12:55:00Z
8
value 0.00507
scoring_system epss
scoring_elements 0.6624
published_at 2026-04-04T12:55:00Z
9
value 0.00507
scoring_system epss
scoring_elements 0.66213
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31150
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/nodejs/undici
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici
4
reference_url https://github.com/nodejs/undici/commit/a29a151d0140d095742d21a004023d024fe93259
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici/commit/a29a151d0140d095742d21a004023d024fe93259
5
reference_url https://github.com/nodejs/undici/releases/tag/v5.8.0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:20Z/
url https://github.com/nodejs/undici/releases/tag/v5.8.0
6
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-3cvr-822r-rqcc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:20Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-3cvr-822r-rqcc
7
reference_url https://hackerone.com/reports/409943
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:20Z/
url https://hackerone.com/reports/409943
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31150
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31150
9
reference_url https://security.netapp.com/advisory/ntap-20220915-0002
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0002
10
reference_url https://security.netapp.com/advisory/ntap-20220915-0002/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:20Z/
url https://security.netapp.com/advisory/ntap-20220915-0002/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2109354
reference_id 2109354
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2109354
12
reference_url https://github.com/advisories/GHSA-3cvr-822r-rqcc
reference_id GHSA-3cvr-822r-rqcc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3cvr-822r-rqcc
fixed_packages
0
url pkg:deb/debian/node-undici@5.8.0%2Bdfsg1%2B~cs18.9.16-1?distro=trixie
purl pkg:deb/debian/node-undici@5.8.0%2Bdfsg1%2B~cs18.9.16-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@5.8.0%252Bdfsg1%252B~cs18.9.16-1%3Fdistro=trixie
1
url pkg:deb/debian/node-undici@5.15.0%2Bdfsg1%2B~cs20.10.9.3-1%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/node-undici@5.15.0%2Bdfsg1%2B~cs20.10.9.3-1%2Bdeb12u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-g9bm-61bn-ryg5
2
vulnerability VCID-hgd1-7u6j-p7dh
3
vulnerability VCID-n6ew-t7g1-33gn
4
vulnerability VCID-pah5-gspe-hbbh
5
vulnerability VCID-ph2p-u33d-8yh3
6
vulnerability VCID-sy2z-sqgk-d7hg
7
vulnerability VCID-u8t3-4awy-k3fm
8
vulnerability VCID-xx5u-7mmp-akfs
9
vulnerability VCID-z653-vqsc-euer
10
vulnerability VCID-z7ac-jr58-gkfm
11
vulnerability VCID-zb3h-efqz-dff3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@5.15.0%252Bdfsg1%252B~cs20.10.9.3-1%252Bdeb12u4%3Fdistro=trixie
2
url pkg:deb/debian/node-undici@7.3.0%2Bdfsg1%2B~cs24.12.11-1?distro=trixie
purl pkg:deb/debian/node-undici@7.3.0%2Bdfsg1%2B~cs24.12.11-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-g9bm-61bn-ryg5
2
vulnerability VCID-hgd1-7u6j-p7dh
3
vulnerability VCID-n6ew-t7g1-33gn
4
vulnerability VCID-ph2p-u33d-8yh3
5
vulnerability VCID-sy2z-sqgk-d7hg
6
vulnerability VCID-vdca-exd1-rfce
7
vulnerability VCID-z7ac-jr58-gkfm
8
vulnerability VCID-zb3h-efqz-dff3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.3.0%252Bdfsg1%252B~cs24.12.11-1%3Fdistro=trixie
3
url pkg:deb/debian/node-undici@7.18.2%2Bdfsg%2B~cs3.2.0-1?distro=trixie
purl pkg:deb/debian/node-undici@7.18.2%2Bdfsg%2B~cs3.2.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-hgd1-7u6j-p7dh
2
vulnerability VCID-n6ew-t7g1-33gn
3
vulnerability VCID-ph2p-u33d-8yh3
4
vulnerability VCID-sy2z-sqgk-d7hg
5
vulnerability VCID-vdca-exd1-rfce
6
vulnerability VCID-z7ac-jr58-gkfm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.18.2%252Bdfsg%252B~cs3.2.0-1%3Fdistro=trixie
4
url pkg:deb/debian/node-undici@7.24.6%2Bdfsg%2B~cs3.2.0-2?distro=trixie
purl pkg:deb/debian/node-undici@7.24.6%2Bdfsg%2B~cs3.2.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.24.6%252Bdfsg%252B~cs3.2.0-2%3Fdistro=trixie
aliases CVE-2022-31150, GHSA-3cvr-822r-rqcc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqk1-vxt3-j3bb
1
url VCID-x5np-z1be-m7gq
vulnerability_id VCID-x5np-z1be-m7gq
summary 
undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirect
### Impact

Authorization headers are already cleared on cross-origin redirect in
https://github.com/nodejs/undici/blob/main/lib/handler/redirect.js#L189, based on https://github.com/nodejs/undici/issues/872.

However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There also has been active discussion of implementing a cookie store https://github.com/nodejs/undici/pull/1441, which suggests that there are active users using cookie headers in undici.
As such this may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site.

### Patches

This was patched in v5.8.0.

### Workarounds

By default, this vulnerability is not exploitable.
Do not enable redirections, i.e. `maxRedirections: 0` (the default). 

### References

https://hackerone.com/reports/1635514
https://curl.se/docs/CVE-2018-1000007.html
https://curl.se/docs/CVE-2022-27776.html

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [undici repository](https://github.com/nodejs/undici/issues)
* To make a report, follow the [SECURITY](https://github.com/nodejs/node/blob/HEAD/SECURITY.md) document
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31151.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31151.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31151
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30692
published_at 2026-04-21T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30854
published_at 2026-04-02T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30901
published_at 2026-04-04T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30721
published_at 2026-04-07T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30779
published_at 2026-04-08T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30811
published_at 2026-04-09T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30812
published_at 2026-04-11T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30768
published_at 2026-04-12T12:55:00Z
8
value 0.00118
scoring_system epss
scoring_elements 0.30722
published_at 2026-04-13T12:55:00Z
9
value 0.00118
scoring_system epss
scoring_elements 0.30745
published_at 2026-04-16T12:55:00Z
10
value 0.00118
scoring_system epss
scoring_elements 0.30727
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31151
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/nodejs/undici
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici
4
reference_url https://github.com/nodejs/undici/blob/main/lib/handler/redirect.js#L189
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici/blob/main/lib/handler/redirect.js#L189
5
reference_url https://github.com/nodejs/undici/commit/0a5bee9465e627be36bac88edf7d9bbc9626126d
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici/commit/0a5bee9465e627be36bac88edf7d9bbc9626126d
6
reference_url https://github.com/nodejs/undici/issues/872
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:24Z/
url https://github.com/nodejs/undici/issues/872
7
reference_url https://github.com/nodejs/undici/pull/1441
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici/pull/1441
8
reference_url https://github.com/nodejs/undici/releases/tag/v5.8.0
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici/releases/tag/v5.8.0
9
reference_url https://hackerone.com/reports/1635514
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:24Z/
url https://hackerone.com/reports/1635514
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31151
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31151
11
reference_url https://security.netapp.com/advisory/ntap-20220909-0006
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220909-0006
12
reference_url https://security.netapp.com/advisory/ntap-20220909-0006/
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:24Z/
url https://security.netapp.com/advisory/ntap-20220909-0006/
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2121396
reference_id 2121396
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2121396
14
reference_url https://github.com/advisories/GHSA-q768-x9m6-m9qp
reference_id GHSA-q768-x9m6-m9qp
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q768-x9m6-m9qp
15
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-q768-x9m6-m9qp
reference_id GHSA-q768-x9m6-m9qp
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:24Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-q768-x9m6-m9qp
fixed_packages
0
url pkg:deb/debian/node-undici@5.8.0%2Bdfsg1%2B~cs18.9.16-1?distro=trixie
purl pkg:deb/debian/node-undici@5.8.0%2Bdfsg1%2B~cs18.9.16-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@5.8.0%252Bdfsg1%252B~cs18.9.16-1%3Fdistro=trixie
1
url pkg:deb/debian/node-undici@5.15.0%2Bdfsg1%2B~cs20.10.9.3-1%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/node-undici@5.15.0%2Bdfsg1%2B~cs20.10.9.3-1%2Bdeb12u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-g9bm-61bn-ryg5
2
vulnerability VCID-hgd1-7u6j-p7dh
3
vulnerability VCID-n6ew-t7g1-33gn
4
vulnerability VCID-pah5-gspe-hbbh
5
vulnerability VCID-ph2p-u33d-8yh3
6
vulnerability VCID-sy2z-sqgk-d7hg
7
vulnerability VCID-u8t3-4awy-k3fm
8
vulnerability VCID-xx5u-7mmp-akfs
9
vulnerability VCID-z653-vqsc-euer
10
vulnerability VCID-z7ac-jr58-gkfm
11
vulnerability VCID-zb3h-efqz-dff3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@5.15.0%252Bdfsg1%252B~cs20.10.9.3-1%252Bdeb12u4%3Fdistro=trixie
2
url pkg:deb/debian/node-undici@7.3.0%2Bdfsg1%2B~cs24.12.11-1?distro=trixie
purl pkg:deb/debian/node-undici@7.3.0%2Bdfsg1%2B~cs24.12.11-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-g9bm-61bn-ryg5
2
vulnerability VCID-hgd1-7u6j-p7dh
3
vulnerability VCID-n6ew-t7g1-33gn
4
vulnerability VCID-ph2p-u33d-8yh3
5
vulnerability VCID-sy2z-sqgk-d7hg
6
vulnerability VCID-vdca-exd1-rfce
7
vulnerability VCID-z7ac-jr58-gkfm
8
vulnerability VCID-zb3h-efqz-dff3
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.3.0%252Bdfsg1%252B~cs24.12.11-1%3Fdistro=trixie
3
url pkg:deb/debian/node-undici@7.18.2%2Bdfsg%2B~cs3.2.0-1?distro=trixie
purl pkg:deb/debian/node-undici@7.18.2%2Bdfsg%2B~cs3.2.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1294-r4v2-3ud7
1
vulnerability VCID-hgd1-7u6j-p7dh
2
vulnerability VCID-n6ew-t7g1-33gn
3
vulnerability VCID-ph2p-u33d-8yh3
4
vulnerability VCID-sy2z-sqgk-d7hg
5
vulnerability VCID-vdca-exd1-rfce
6
vulnerability VCID-z7ac-jr58-gkfm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.18.2%252Bdfsg%252B~cs3.2.0-1%3Fdistro=trixie
4
url pkg:deb/debian/node-undici@7.24.6%2Bdfsg%2B~cs3.2.0-2?distro=trixie
purl pkg:deb/debian/node-undici@7.24.6%2Bdfsg%2B~cs3.2.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@7.24.6%252Bdfsg%252B~cs3.2.0-2%3Fdistro=trixie
aliases CVE-2022-31151, GHSA-q768-x9m6-m9qp
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5np-z1be-m7gq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/node-undici@5.8.0%252Bdfsg1%252B~cs18.9.16-1%3Fdistro=trixie