CVE-2024-38372

Published July 8th, 2024

View on NVD ↗

CVSS v3

LOW

CVSS v2

N/A

Affected

PROJECT

Description

Undici is an HTTP/1.1 client, written from scratch for Node.js. Depending on network and process conditions of a `fetch()` request, `response.arrayBuffer()` might include portion of memory from the Node.js process. This has been patched in v6.19.2.

nodejs/undici

An HTTP/1.1 client, written from scratch for Node.js

GitHub

7.6K