Node.js · Undici · CVE-2022-32210
**Name of the Vulnerable Software and Affected Versions**
Undici versions prior to 5.5.1
**Description**
The issue stems from errors in the certificate verification procedure of the Undici module for Node.js, which can allow a remote attacker to access protected information. Specifically, `Undici.ProxyAgent` never verifies the remote server's certificate and exposes all request and response data to the proxy. As a result, a proxy can perform man-in-the-middle (MitM) attacks on all HTTPS traffic. If the proxy's URL uses HTTP, requests that are nominally HTTPS are sent as plain-text HTTP between Undici and the proxy server.
**Recommendations**
For versions prior to 5.5.1, update to version 5.5.1 or later to resolve the issue.
As a temporary workaround, consider not using `ProxyAgent` as a dispatcher for TLS connections until a patch is applied.