4Nis
CVE-2024-30260 | nodejs undici up to 5.28.3/6.11.0 HTTP Header fetch Proxy-Authorization improper authorization
A vulnerability classified as critical has been found in nodejs undici up to 5.28.3/6.11.0. This affects the functionfetch
of the component HTTP Header Handler. The manipulation of the argument Proxy-Authorization leads to improper authorization.
This vulnerability is uniquely identified as CVE-2024-30260. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.