4 matches found
CVE-2022-24719
Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using followRedirects or followRedirectsWith with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie,...
CVE-2022-24719
creationtimestamp| type| source ---|---|--- 2022-03-02 00:24:37+00:00| seen| https://t.me/cibsecurity/38285 2025-04-23 19:05:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13117...
CVE-2022-24719 Unauthorized forwarding of confidential headers in fluture-node
Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using followRedirects or followRedirectsWith with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie,...
CVE-2022-24719
CVE-2022-24719 affects Fluture-Node. The vulnerability arises when using followRedirects or followRedirectsWith with redirection strategies in fluture-node 4.0.0/4.0.1, where confidential headers (Authorization, Cookie) can be exposed in a redirected request to a third‑party or HTTP origin. The i...