[CVE-2022-35949]: undici.request vulnerable to SSRF using absolute / protocol-relative URL on pathname

Disclosed: 2022-09-23 17:51:15 By haxatron1 To ibb
Medium
Vulnerability Details
GHSA: https://github.com/nodejs/undici/security/advisories/GHSA-8qr4-xgw6-wmr3 Report: https://hackerone.com/reports/1642017 ## Impact SSRF
Actions
View on HackerOne
Report Stats
  • Report ID: 1663788
  • State: Closed
  • Substate: resolved
  • Upvotes: 4
Share this report