Commit ef467ec
Fix security issue in undici via minor version upgrade from 6.21.1 to 6.21.2 (#121)
This PR will resolve the following CVEs:
| CVE ID | Severity | Description |
| --- | --- | --- |
| [CVE-2025-47279](https://app.aikido.dev/issues/8965057/detail?groupId=324#CVE-2025-47279) | LOW | **Impact:** Applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the application to call the webhook repeatedly, then they can cause a memory leak.<br><br>**Patches:** This has been patched in https... |
## Summary by Sourcery
Bug Fixes:
- Upgrade undici from 6.21.1 to 6.21.2 to fix a memory leak vulnerability (CVE-2025-47279)

Co-authored-by: aikido-autofix[bot] <119856028+aikido-autofix[bot]@users.noreply.github.com>

1 parent b593f57 commit ef467ec
2 files changed
Lines changed: 7 additions & 8 deletions
Some generated files are not rendered by default.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
83 | 83 | | |
84 | 84 | | |
85 | 85 | | |
86 | | - | |
| 86 | + | |
87 | 87 | | |
88 | 88 | | |
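Review bot: the only rendered change is the one-line replacement at line 86, yet the commit reports 7 additions and 8 deletions across 2 files, so most of the change sits in the generated file that is not rendered here. Confirm in that file that every resolved copy of undici is at 6.21.2, including any copy nested under another package, and that no unrelated package versions moved, since the commit message describes only the undici bump from 6.21.1 to 6.21.2.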