Medium
Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by improper certificate validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information of all the requests and responses data to the proxy., and use this information to launch further attacks against the affected system.
Node.js
Node.js undici 5.5.0
Upgrade to the latest version of undici, available from the NPM Web site.
NPM Web site