Security Advisory

CVE-2024-30260

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-04 15:15:44

Last updated 2025-11-04 16:11:54

Assigner GitHub_M

State PUBLISHED

Description

Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.

← Browse all CVEs View on cve.org ↗