Undici
CVE-2022-32210
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server.
AnalysisAI
Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-295. Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server. Affected products include: Nodejs Undici.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
undici is an HTTP/1.1 client, written from scratch for Node.js.`undici` is vulnerable to SSRF (Server-side Request Forge
Memory exhaustion denial of service in the undici WebSocket client (versions 6.17.0 and later) allows a malicious or com
Authorization headers are cleared on cross-origin redirect. Rated medium severity (CVSS 6.5), this vulnerability is remo
Undici is an HTTP/1.1 client for Node.js. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable,
undici is an HTTP/1.1 client, written from scratch for Node.js.`=< undici@5.8.0` users are vulnerable to _CRLF Injection
Cross-origin request misrouting in undici's Socks5ProxyAgent (introduced in 7.23.0, affecting all releases through 8.1.0
Denial-of-service in the undici WebSocket client (Node.js HTTP/WebSocket library) version 8.1.0 through versions prior t
Node.js undici WebSocket client denial-of-service vulnerability allows remote attackers to crash the process by sending
Undici's WebSocket frame parser fails to properly validate 64-bit length fields, causing integer overflow in internal ca
Node.js undici WebSocket client denial-of-service via decompression bomb in permessage-deflate processing allows remote
Undici is an HTTP/1.1 client, written from scratch for Node.js. Rated low severity (CVSS 3.5), this vulnerability is rem
Undici is an HTTP/1.1 client for Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today