Source: osv (Google), ID: OSV:GHSA-6XHG-Q9C8-RJ32
May 18, 2021 - 1:52 a.m.

Credential leak in react-native-fast-image

2021-05-18 01:52:54
Google
osv.dev
react-native-fast-image
credential leak
images

EPSS

0.001

Percentile

47.8%

This affects all versions of the package react-native-fast-image before 8.3.0. When an image with source={{uri: "...", headers: { host: "somehost.com", authorization: "..." }}} is loaded, all subsequent images will use the same headers. This can lead to signing credentials or other session tokens being leaked to other servers.
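A simplified model of the behaviour described above, as an added example that is not code from react-native-fast-image or from the advisory. The names makeStickyLoader, makeScopedLoader and findLeaks, the hosts and the token are all constructed for illustration; the model contrasts headers kept in shared state with headers scoped to each source, and audits which requests carry a sensitive header their own source never declared.

```javascript
// Simplified model, constructed for illustration; not the library's code.
// Each "loader" returns the host and headers it would send for an image source.

// Behaviour described in the advisory: headers from one source persist in
// shared state and are sent with every later request.
function makeStickyLoader() {
  const shared = {}; // state shared across all requests
  return (source) => {
    Object.assign(shared, source.headers || {});
    return { host: new URL(source.uri).host, headers: { ...shared } };
  };
}

// Expected behaviour: headers are scoped to the source that declared them.
function makeScopedLoader() {
  return (source) => ({
    host: new URL(source.uri).host,
    headers: { ...(source.headers || {}) },
  });
}

// Audit: report every request that carries a sensitive header which its own
// source did not declare.
const SENSITIVE = ['authorization', 'cookie'];
function findLeaks(load, sources) {
  const leaks = [];
  for (const source of sources) {
    const sent = load(source);
    const declared = Object.keys(source.headers || {}).map((h) => h.toLowerCase());
    for (const name of Object.keys(sent.headers)) {
      const lower = name.toLowerCase();
      if (SENSITIVE.includes(lower) && !declared.includes(lower)) {
        leaks.push({ host: sent.host, header: lower });
      }
    }
  }
  return leaks;
}

// Constructed sample sources; hosts and token are placeholders.
const sources = [
  { uri: 'https://images.example.com/a.png', headers: { authorization: 'Bearer SAMPLE' } },
  { uri: 'https://cdn.example.net/b.png' },
  { uri: 'https://thirdparty.example.org/c.png', headers: { accept: 'image/png' } },
];

console.log('sticky:', findLeaks(makeStickyLoader(), sources));
console.log('scoped:', findLeaks(makeScopedLoader(), sources));
```

The same audit can be run in an integration test against a mock image server that records the headers it receives, to confirm an upgraded build no longer carries headers across sources.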
