129 matches found
CVE-2022-0235
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2022-0235
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
UBUNTU-CVE-2022-0235
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2022-0235 Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2022-0235
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
node-fetch 信息泄露漏洞
node-fetch is a lightweight module that brings the Fetch API to Node.js. An information disclosure vulnerability exists in node-fetch, which is vulnerable to the exposure of sensitive information to unauthorized participants...
PT-2022-13054
Name of the Vulnerable Software and Affected Versions node-fetch versions affected versions not specified Description The issue concerns exposure of sensitive information to an unauthorized actor. Specifically, node-fetch forwards secure headers such as authorization, www-authenticate, cookie, an...
CVE-2022-0235
CVE-2022-0235 affects the node-fetch package and is described as a vulnerability that could result in Exposure of Sensitive Information to an Unauthorized Actor. The connected document(s) confirm this CVE ID and provide contextual metrics (e.g., CVSS scores from NVD and related references), but d...
CVE-2022-0235 Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...
PT-2022-3647 · Lquixada · Cross-Fetch
Name of the Vulnerable Software and Affected Versions: lquixada/cross-fetch versions prior to 3.1.5 Description: The issue is related to the exposure of private personal information to an unauthorized actor. It is associated with errors in handling files, specifically cookies, in the WHATWG Fetch...
The vulnerability of the node-fetch library in the Aurora Center’s application software, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the node-fetch library in Aurora Application Software is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to deny services through a specially crafted regular expression...
The vulnerability of the util.setPath function in the node-fetch library of the Aurora Application Center involves uncontrolled changes to prototype attributes of objects. This allows attackers to execute a “prototype pollution” attack.
The vulnerability of the util.setPath function in the node-fetch library of the Aurora Application Software is related to uncontrolled changes to prototype attributes of objects. Exploiting this vulnerability could allow a malicious actor to execute a “prototype pollution” attack...
Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service.
Summary Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2020-15168 DESCRIPTION: Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor...
CVE-2020-15168
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...
Denial Of Service (DoS)
node-fetch is vulnerable to denial of service. The size option after following a redirect is not adhered to, which does not result in a FetchError being thrown and the process ending without failure when a content size was over the limit...
CVE-2020-15168
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...
CVE-2020-15168
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...
DEBIAN-CVE-2020-15168
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...
Design/Logic Flaw
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...
UBUNTU-CVE-2020-15168
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no...