Undici (10 CVEs)

CVE-2026-11525 LOW Monitor

SameSite attribute parsing in undici's cookie implementation uses substring matching instead of the case-insensitive exact match required by RFC 6265, enabling a malicious or non-compliant upstream server to silently downgrade a cookie's SameSite enforcement to a more permissive value. All undici installations from v5.15.0 onward through the unpatched release branches are affected when consuming Set-Cookie headers via undici's fetch or proxy code paths and forwarding or relying on the parsed sameSite attribute. No public exploit has been identified and no CISA KEV listing exists at time of analysis; however, the integrity impact is concrete in architectures where SameSite policy enforcement is delegated to the parsed cookie attribute.

Tags: Information Disclosure, Undici | Sources: NVD, GitHub | CVSS 3.1: 3.7
CVE-2026-6733 LOW Monitor

Response queue poisoning in Undici's HTTP/1.1 client allows an attacker-controlled or compromised upstream server to inject unsolicited HTTP responses onto idle keep-alive sockets, causing subsequent outbound requests to receive falsified responses. All Undici versions across the v6, v7, and v8 branches prior to the patched releases are affected when keep-alive connection reuse is active (the default). While the CVSS score is low (3.7) and no public exploit or KEV listing exists, the integrity impact can carry significant business logic consequences in applications that proxy requests through third-party or partially trusted upstream servers.

Tags: Code Injection, Undici | Sources: NVD, GitHub | CVSS 3.1: 3.7
CVE-2026-9678 MEDIUM This Month

Cache information disclosure in Undici's shared-mode cache interceptor allows a prior authenticated user's HTTP response to be served to a subsequent, potentially unauthenticated, caller. Applications using Undici's explicit `interceptors.cache()` in shared mode that forward Authorization headers to an upstream which returns Cache-Control headers with whitespace-padded qualified directives (e.g., `private=" authorization"`) are affected across all v7 versions prior to 7.28.0 and all v8 versions prior to 8.5.0. No public exploit has been identified at time of analysis; exploitation is bounded by high attack complexity (CVSS AC:H, score 5.9), but when conditions align, the confidentiality impact is complete.

Tags: Canonical, Information Disclosure, Undici | Sources: NVD, GitHub | CVSS 3.1: 5.9
CVE-2026-9679 MEDIUM This Month

HTTP response header injection in undici's cookie parser exposes proxy, middleware, and SSR framework applications to session fixation, open redirect, and cache poisoning. The `parseSetCookie`, `parseCookie`, and `getSetCookies` functions incorrectly percent-decode cookie values using `qsUnescape`, converting encoded sequences such as `%0D%0A` into literal CRLF bytes in violation of RFC 6265 §5.4, which prescribes no such decoding. Any application that fetches from an attacker-controlled upstream and forwards the parsed cookie value into a downstream response header is exploitable; no public exploit has been identified at time of analysis, and patched releases v6.26.0, v7.28.0, and v8.5.0 are available.

Tags: Open Redirect, Undici | Sources: NVD, GitHub | CVSS 3.1: 5.9
CVE-2026-9697 HIGH This Week

TLS pinning bypass in undici 7.23.0 through 7.27.x and 8.x prior to 8.5.0 allows network-positioned attackers to perform man-in-the-middle attacks on HTTPS traffic routed through SOCKS5 proxies. The ProxyAgent silently drops the requestTls option (including ca, cert, key, rejectUnauthorized, and servername) when the proxy URI uses socks5:// or socks://, causing connections to fall back to Node.js's default Mozilla CA bundle instead of the application-configured trust anchor. No public exploit identified at time of analysis, but the CWE-295 improper certificate validation flaw directly defeats corporate CA pinning controls.

Tags: Microsoft, Mozilla, Authentication Bypass, Undici | Sources: NVD, GitHub | CVSS 3.1: 7.4
CVE-2026-6734 HIGH This Week

Cross-origin request misrouting in undici (Node.js HTTP client) versions 7.23.0 through 8.1.0 occurs when Socks5ProxyAgent shares a single connection pool across origins without validating the pool's origin against the requested destination. All requests get dispatched through the connection bound to the first origin, causing credentials and request bodies destined for origin B to be sent to origin A, responses from the wrong origin to be trusted, and HTTPS requests to be silently downgraded to HTTP. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Tags: Information Disclosure, Undici | Sources: NVD, GitHub | CVSS 3.1: 7.5
CVE-2026-9675 HIGH This Week

Denial-of-service in the undici WebSocket client (Node.js HTTP/WebSocket library) version 8.1.0 through versions prior to 8.5.0 allows a malicious or compromised WebSocket server to exhaust client memory by streaming many small fragmented frames that individually pass the per-frame maxPayloadSize check but cumulatively bypass any size limit. The flaw is a regression introduced in the 8.1.0 line; no public exploit identified at time of analysis. Impact is limited to availability (process crash via memory exhaustion) with no confidentiality or integrity consequence per the CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H vector.

Tags: Denial Of Service, Undici | Sources: NVD, GitHub | CVSS 3.1: 7.5
CVE-2026-12151 HIGH This Week

Memory exhaustion denial of service in the undici WebSocket client (versions 6.17.0 and later) allows a malicious or compromised WebSocket server to crash Node.js client processes by streaming an unbounded number of small or empty continuation frames. Because undici only caps cumulative payload bytes via maxPayloadSize and does not limit fragment count, attackers can drive unbounded memory growth without ever exceeding the configured size threshold. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Tags: Denial Of Service, Undici | Sources: NVD, GitHub | CVSS 3.1: 7.5
CVE-2026-2581 npm MEDIUM PATCH This Month

Node.js Undici's response deduplication feature accumulates response bodies in memory instead of streaming them, allowing remote attackers to trigger denial of service through large or concurrent responses from untrusted endpoints. Applications using the deduplicate() interceptor are vulnerable to out-of-memory crashes when processing large or chunked responses. No patch is currently available.

Tags: Node.js, Denial Of Service, Undici, Red Hat, Suse | Sources: NVD, GitHub, VulDB | CVSS 3.1: 5.9 | EPSS: 0.0%
CVE-2026-22036 npm MEDIUM PATCH This Month

Undici versions up to 7.18.0 are affected by allocation of resources without limits or throttling (CVSS 5.9).

Tags: Node.js, Undici, Red Hat, Suse | Sources: NVD, GitHub | CVSS 3.1: 5.9 | EPSS: 0.0%