NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2024-24750

概要	Undici is an HTTP/1.1 client, written from scratch for Node.js. In affected versions calling `fetch(url)` and not consuming the incoming body ((or consuming it very slowing) will lead to a memory leak. This issue has been addressed in version 6.6.1. Users are advised to upgrade. Users unable to upgrade should make sure to always consume the incoming body.
公表日	2024年2月17日7:15
登録日	2024年2月17日10:00
最終更新日	2024年4月19日16:15

関連情報、対策とツール

No	URL	refsource	タグ
1	https://github.com/nodejs/undici/security/advisories/GHSA-9f24-jqhm-jfcw
2	https://github.com/nodejs/undici/commit/87a48113f1f68f60aa09abb07276d7c35467c663
3	https://security.netapp.com/advisory/ntap-20240419-0006/

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-400	リソースの枯渇	https://cwe.mitre.org/data/definitions/400.html