更新: 103 个文件 - 2026-03-18 19:24:37

07-framework-security/frameworks/undici/cases/undici-cve-2026-1526.md

@@ -4,8 +4,8 @@ system_id: "undici"
 category: "frameworks"
 advisory_mode: "core"
 published_date: "2026-03-13T20:41:56Z"
-updated_date: "2026-03-13T20:54:25.563997Z"
-severity: "high"
+updated_date: "2026-03-18T22:58:59.936049Z"
+severity: "low"
 exploit_status: "unknown"
 source_confidence: "official"
 verification_status: "verified-real"
@@ -50,7 +50,7 @@ primary_source: "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-
 
 - Canonical ID: `undici--CVE-2026-1526`
 - 系统: `undici`
-- 严重度: `high`
+- 严重度: `low`
 - 来源置信度: `official`
 - 官方主源: https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q
 - 影响版本: `introduced=0, fixed<6.24.0, introduced=7.0.0, fixed<7.24.0`
@@ -58,9 +58,9 @@ primary_source: "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-
 
 ## 其他来源
 
-- https://cna.openjsf.org/security-advisories.html
 - https://nvd.nist.gov/vuln/detail/CVE-2026-1526
 - https://hackerone.com/reports/3481206
+- https://cna.openjsf.org/security-advisories.html
 - https://datatracker.ietf.org/doc/html/rfc7692
 - https://github.com/nodejs/undici
 - https://owasp.org/www-community/attacks/Denial_of_Service