操作系统--麒麟信安操作系统,国产操作系统,麒麟信安云桌面—

CVE-2022-35948

发布时间: 2024年9月10日

修改时间: 2024年9月10日

概要

undici is an HTTP/1.1 client, written from scratch for Node.js.`=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. Example: ``` import { request } from 'undici' const unsanitizedContentTypeInput = 'application/jsonGET /foo2 HTTP/1.1' await request('http://localhost:3000, { method: 'GET', headers: { 'content-type': unsanitizedContentTypeInput }, }) ``` The above snippet will perform two requests in a single `request` API call: 1) `http://localhost:3000/` 2) `http://localhost:3000/foo2` This issue was patched in Undici v5.8.1. Sanitize input when sending content-type headers using user input as a workaround.

CVSS v3 指标

	NVD	openEuler
CVSS评分	5.3	5.3
Attack Vector	Network	Network
Attack Complexity	Low	Low
Privileges Required	None	None
User Interaction	None	None
Scope	Unchanged	Unchanged
Confidentiality	None	None
Integrity	Low	Low
Availability	None	None

安全公告

公告名	概要	发布时间
KylinSec-SA-2024-3636	undici is an HTTP/1.1 client, written from scratch for Node.js.`=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. Example: ``` import { request } from 'undici' const unsanitizedContentTypeInput = 'application/json\r\rGET /foo2 HTTP/1.1' await request('http://localhost:3000, { method: 'GET', headers: { 'content-type': unsanitizedContentTypeInput }, }) ``` The above snippet will perform two requests in a single `request` API call: 1) `http://localhost:3000/` 2) `http://localhost:3000/foo2` This issue was patched in Undici v5.8.1. Sanitize input when sending content-type headers using user input as a workaround.	2024年9月10日

影响产品

产品	包	状态
KY3.4-5A	nodejs	Unaffected
KY3.5.2	nodejs	Unaffected
KY3.5.3	nodejs	Unaffected
V6	nodejs	Unaffected

操作系统+

概要

CVSS v3 指标

安全公告

影响产品

产品中心

解决方案

技术支持

生态与合作

分支机构