Vulnerabilidades em undici
14 resultadosCVE-2026-1526HIGHundici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate DecompressionEPSS 0.6%CVE-2026-2581MEDIUMundici is vulnerable to Unbounded Memory Consumption in in Undici's DeduplicationHandler via Response Buffering leads to DoSEPSS 0.6%CVE-2026-1525MEDIUMundici is vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')EPSS 0.5%CVE-2026-2229HIGHundici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits ValidationEPSS 0.5%CVE-2026-9675HIGHundici WebSocket client vulnerable to denial of service via cumulative fragment bypassEPSS 0.4%CVE-2026-12151HIGHundici WebSocket client vulnerable to denial of service via fragment count bypassEPSS 0.4%CVE-2026-1528HIGHundici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the clientEPSS 0.3%CVE-2026-9678MEDIUMundici vulnerable to cross-user information disclosure via shared cache whitespace bypassEPSS 0.3%CVE-2026-9697HIGHundici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgentEPSS 0.3%CVE-2026-9679MEDIUMundici vulnerable to HTTP header injection via Set-Cookie percent-decodingEPSS 0.3%CVE-2026-1527MEDIUMundici is vulnerable to CRLF Injection via upgrade optionEPSS 0.3%CVE-2026-11525LOWundici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matchingEPSS 0.2%CVE-2026-6733LOWundici vulnerable to HTTP response queue poisoning via keep-alive socket reuseEPSS 0.2%CVE-2026-6734HIGHundici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuseEPSS 0.2%