node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impa...
5.3CVSS
5.3AI Score
0.001EPSS
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
6.1CVSS
6.6AI Score
0.004EPSS
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10.
5.9CVSS
5.5AI Score
0.001EPSS