CVE-2025-47279 – Undici SSL Certificate Invalid Memory Leak

May 15, 2025

CVE ID : CVE-2025-47279

Published : May 15, 2025, 6:15 p.m. | 1 hour, 45 minutes ago

Description : Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the application to call the webhook repeatedly, then they can cause a memory leak. This has been patched in versions 5.29.0, 6.21.2, and 7.5.0. As a workaound, avoid calling a webhook repeatedly if the webhook fails.

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4710 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Next Article CVE-2025-4711 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Turning User Research Into Real Organizational Change

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

“Using AI is no longer optional” — Did Microsoft just make Copilot mandatory for its staff as a critical performance metric?

June report 2025

June report 2025

Make your JS functions smarter and cleaner with default parameters

Best Home Interiors in Hyderabad – Top Designers & Affordable Packages

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

CVE-2025-47279 – Undici SSL Certificate Invalid Memory Leak

CVE-2025-6554 Actively Exploited Google Chrome Zeroday

Cyber Brief 25-07 – June 2025

Forget ChatGPT? Alibaba’s Qwen3 Might Be the New AI King

Nintendo Switch 2 pre-orders delayed, new price hike likely – here’s why

Overwatch 2 shows off its ambitious Stadium Mode, new hero, launch date, and more in the new Season 16 gameplay trailer

I need to see more from Lenovo’s most affordable gaming desktop, because this isn’t good enough

CVE-2025-4887 – SourceCodester Online Student Clearance System Cross-Site Request Forgery Vulnerability

Seagate’s 2TB Expansion Card for the Xbox Series X|S is almost down to its lowest ever price, so now is very much the time to buy

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

How to Hire Top AI Developers for Next-Gen Conversational AI Solutions🧠

CVE-2025-47279 – Undici SSL Certificate Invalid Memory Leak

Related Posts