CVE-2025-22150

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-22150

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22150.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-22150

Aliases

GHSA-c76h-2ccp-4975

Related

Published

2025-01-21T18:15:14Z

Modified

2025-02-06T15:47:04.970883Z

Summary

[none]

Details

Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses Math.random() to choose the boundary for a multipart/form-data request. It is known that the output of Math.random() can be predicted if several of its generated values are known. If there is a mechanism in an app that sends multipart requests to an attacker-controlled website, they can use this to leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met. This is fixed in versions 5.28.5, 6.21.1, and 7.2.3. As a workaround, do not issue multipart requests to attacker controlled servers.

References

Affected packages

Alpine:v3.21 / nodejs

Package

Name: nodejs
Purl: pkg:apk/alpine/nodejs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

22.13.1-r0

Affected versions

22.*

22.11.0-r0

22.11.0-r1

Debian:12 / node-undici

Package

Name: node-undici
Purl: pkg:deb/debian/node-undici?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.0+dfsg1+~cs20.10.9.3-1

5.15.0+dfsg1+~cs20.10.9.3-1+deb12u1

5.15.0+dfsg1+~cs20.10.9.3-1+deb12u2

5.15.0+dfsg1+~cs20.10.9.3-1+deb12u3

5.15.0+dfsg1+~cs20.10.9.3-1+deb12u4

5.19.1+dfsg1+~cs20.10.9.5-1

5.19.1+dfsg1+~cs20.10.9.5-2

5.22.1+dfsg1+~cs20.10.10.2-1

5.26.3+dfsg1+~cs23.10.12-1

5.26.3+dfsg1+~cs23.10.12-2

5.26.3+dfsg1+~cs23.10.12-3

5.28.0+dfsg1+~cs23.11.12.3-1

5.28.0+dfsg1+~cs23.11.12.3-2

5.28.2+dfsg1+~cs23.11.12.3-1

5.28.2+dfsg1+~cs23.11.12.3-2

5.28.2+dfsg1+~cs23.11.12.3-3

5.28.2+dfsg1+~cs23.11.12.3-4

5.28.2+dfsg1+~cs23.11.12.3-5

5.28.2+dfsg1+~cs23.11.12.3-6

5.28.4+dfsg1+~cs23.12.11-1

5.28.4+dfsg1+~cs23.12.11-2

7.*

7.1.0+dfsg1+~cs24.12.10-1

7.2.3+dfsg1+~cs24.12.11-1

7.2.3+dfsg1+~cs24.12.11-2

7.3.0+dfsg1+~cs24.12.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / node-undici

Package

Name: node-undici
Purl: pkg:deb/debian/node-undici?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.0+dfsg1+~cs24.12.11-1

Affected versions

5.*

5.15.0+dfsg1+~cs20.10.9.3-1

5.19.1+dfsg1+~cs20.10.9.5-1

5.19.1+dfsg1+~cs20.10.9.5-2

5.22.1+dfsg1+~cs20.10.10.2-1

5.26.3+dfsg1+~cs23.10.12-1

5.26.3+dfsg1+~cs23.10.12-2

5.26.3+dfsg1+~cs23.10.12-3

5.28.0+dfsg1+~cs23.11.12.3-1

5.28.0+dfsg1+~cs23.11.12.3-2

5.28.2+dfsg1+~cs23.11.12.3-1

5.28.2+dfsg1+~cs23.11.12.3-2

5.28.2+dfsg1+~cs23.11.12.3-3

5.28.2+dfsg1+~cs23.11.12.3-4

5.28.2+dfsg1+~cs23.11.12.3-5

5.28.2+dfsg1+~cs23.11.12.3-6

5.28.4+dfsg1+~cs23.12.11-1

5.28.4+dfsg1+~cs23.12.11-2

7.*

7.1.0+dfsg1+~cs24.12.10-1

7.2.3+dfsg1+~cs24.12.11-1

7.2.3+dfsg1+~cs24.12.11-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/nodejs/undici

Affected ranges

Type: GIT
Repo: https://github.com/nodejs/undici
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

711e20772764c29f6622ddc937c63b6eefdf07d0

Fixed

c2d78cd19fe4f4c621424491e26ce299e65e934a

Fixed

c3acc6050b781b827d80c86cbbab34f14458d385

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.1.0

v1.2.0

v1.2.1

v1.2.2

v1.2.5

v1.2.6

v1.3.0

v1.3.1

v2.*

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.1.0

v3.*

v3.0.0

v3.1.0

v3.2.0

v3.3.0

v3.3.1

v4.*

v4.0.0

v4.0.0-alpha.0

v4.0.0-alpha.1

v4.0.0-alpha.2

v4.0.0-alpha.4

v4.0.0-alpha.5

v4.0.0-rc.1

v4.0.0-rc.2

v4.0.0-rc.3

v4.0.0-rc.4

v4.0.0-rc.5

v4.0.0-rc.7

v4.0.0-rc.8

v4.1.0

v4.1.1

v4.10.0

v4.10.1

v4.10.2

v4.10.3

v4.10.4

v4.11.0

v4.11.1

v4.11.2

v4.11.3

v4.12.0

v4.12.2

v4.13.0

v4.14.0

v4.14.1

v4.15.0

v4.15.1

v4.16.0

v4.2.1

v4.2.2

v4.3.0

v4.3.1

v4.4.1

v4.4.2

v4.4.3

v4.4.4

v4.4.5

v4.4.6

v4.4.7

v4.5.0

v4.5.1

v4.6.0

v4.7.0

v4.7.1

v4.7.2

v4.7.3

v4.8.0

v4.8.1

v4.8.2

v4.9.0

v4.9.1

v4.9.2

v4.9.3

v4.9.4

v4.9.5

v5.*

v5.0.0

v5.1.0

v5.1.1

v5.10.0

v5.11.0

v5.12.0

v5.13.0

v5.14.0

v5.15.0

v5.15.1

v5.15.2

v5.16.0

v5.17.0

v5.17.1

v5.18.0

v5.19.0

v5.19.1

v5.2.0

v5.20.0

v5.21.0

v5.21.1

v5.21.2

v5.22.0

v5.22.1

v5.23.0

v5.23.4

v5.24.0

v5.25.0

v5.25.1

v5.25.2

v5.25.3

v5.26.0

v5.26.1

v5.26.2

v5.26.3

v5.26.4

v5.26.5

v5.27.0

v5.27.1

v5.27.2

v5.28.0

v5.28.1

v5.28.2

v5.28.3

v5.28.4

v5.3.0

v5.4.0

v5.5.0

v5.5.1

v5.6.0

v5.6.1

v5.7.0

v5.8.0

v5.8.1

v5.8.2

v5.9.1

v6.*

v6.0.0

v6.0.1

v6.1.0

v6.10.0

v6.10.1

v6.10.2

v6.11.0

v6.11.1

v6.12.0

v6.13.0

v6.14.0

v6.14.1

v6.15.0

v6.16.0

v6.16.1

v6.17.0

v6.18.0

v6.18.1

v6.18.2

v6.19.0

v6.19.1

v6.19.2

v6.19.3

v6.19.4

v6.19.5

v6.19.6

v6.19.7

v6.19.8

v6.2.0

v6.2.1

v6.20.0

v6.20.1

v6.21.0

v6.3.0

v6.4.0

v6.5.0

v6.6.0

v6.6.1

v6.6.2

v6.7.0

v6.7.1

v6.8.0

v6.9.0

v7.*

v7.0.0

v7.0.0-alpha.2

v7.0.0-alpha.3

v7.0.0-alpha.4

v7.0.0-alpha.5

v7.0.0-alpha.6

v7.0.0-alpha.7

v7.0.0-alpha.8

v7.0.0-alpha.9

v7.1.0

v7.1.1

v7.2.0

v7.2.1

v7.2.2