eventsource: Exposure of Sensitive Information

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...

eventsource: Exposure of Sensitive Information

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...

eventsource: Exposure of Sensitive Information

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...

Important: Red Hat Security Advisory: Red Hat Fuse Online 7.10.2.P1 security update

A patch update from 7.10.1 to 7.10.2.P1 is now available for Red Hat Fuse Online. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

eventsource: Exposure of Sensitive Information

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 Containers security update

Red Hat OpenShift Service Mesh 2.1.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

CVE-2022-1650

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...

0726react (=0.1.1), 0x0range-homebridge-homeassistant (>=1.0.0 <=1.0.1) +8947 more potentially affected by CVE-2022-1650 via eventsource (>=0.0.10 <=1.1.0)

eventsource NPM version =0.0.10, =1.0.0, =1.0.4, =1.0.0, =0.0.1, =0.1.0, =1.4.0, =1.0.3, =1.0.4, =3.0.2, =5.0.1-0 and more Source cves: CVE-2022-1650 Source advisory: OSV:GHSA-6H5X-7C5M-7CR7...

CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

DEBIAN-CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

UBUNTU-CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

EventSource 信息泄露漏洞

EventSource is a pure JavaScript implementation of the EventSource client. An information disclosure vulnerability exists in versions of EventSource prior to 2.0.2, which originates from exposing sensitive information to an unauthorized Actor...

CVE-2022-1650 Improper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsource

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

CVE-2022-1650

CVE-2022-1650: GitHub eventsource/eventsource prior to v2.0.2 suffers improper removal of sensitive information before storage/transfer. Affects eventsource/eventsource; root cause is incomplete sanitization of sensitive data in events. The connected document notes the fix to v2.0.2. No exploitat...

CVE-2022-1650 Improper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsource

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

PT-2022-3410 · Unknown +5 · Eventsource +5

Name of the Vulnerable Software and Affected Versions: eventsource/eventsource versions prior to 2.0.2 Description: The issue is related to insufficient protection of sensitive data, allowing a remote attacker to gain unauthorized access to protected information. This is due to the improper remov...

Exposure of Sensitive Information to an Unauthorized Actor in eventsource/eventsource

Exposure of Sensitive Information to an Unauthorized Actor in EventSource/eventsource Reported on Feb 6th 2022 | Timothee Desurmont Vulnerability type: CWE-200 Bug Cookies & Authorisation headers are leaked to external sites. Description When fetching an url with a link to an external site...