CVE-2024-30260 | nodejs undici up to 5.28.3/6.11.0 HTTP Header fetch Proxy-Authorization improper authorization

CVE-2024-30260 | nodejs undici up to 5.28.3/6.11.0 HTTP Header fetch Proxy-Authorization improper authorization

A vulnerability classified as critical has been found in nodejs undici up to 5.28.3/6.11.0. This affects the function fetch of the component HTTP Header Handler. The manipulation of the argument Proxy-Authorization leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-30260. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.