Lucene search
K

4 matches found

Node.js
Node.js
added 2021/05/18 1:57 a.m.76 views

Credential leak in react-native-fast-image

Overview This affects all versions before version 8.3.0 of package react-native-fast-image. When an image with source=uri: "...", headers: host: "somehost.com", authorization: "..." is loaded, all other subsequent images will use the same headers, this can lead to signing credentials or other...

5CVSS3.7AI score0.0158EPSS
Exploits1Affected Software1
NVD
NVD
added 2020/07/17 10:15 a.m.19 views

CVE-2020-7696

This affects all versions of package react-native-fast-image. When an image with source=uri: "...", headers: host: "somehost.com", authorization: "..." is loaded, all other subsequent images will use the same headers, this can lead to signing credentials or other session tokens being leaked to...

5.3CVSS0.0158EPSS
Exploits1References3
CVE
CVE
added 2020/07/17 9:25 a.m.61 views

CVE-2020-7696

The CVE-2020-7696 entry affects all versions of react-native-fast-image. When an image is loaded with headers that include sensitive data (e.g., host and authorization in the request headers), subsequent images reuse those headers, causing potential leakage of signing credentials or session token...

5.3CVSS5.2AI score0.0158EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/12 2:47 p.m.12 views

@applicaster/zapp-react-native-fast-image (>=1.0.0 <=1.1.0-beta.0), @momo-platform/component-kits (=1.1.74) +5 more potentially affected by CVE-2020-7696 via react-native-fast-image (>=8.1.2 <=8.2.0)

react-native-fast-image NPM version =8.1.2, =1.0.0, =0.0.1, =0.1.0, =1.2.23 Source cves: CVE-2020-7696 Source advisory: SNYK:JS-REACTNATIVEFASTIMAGE-572228...

5.3CVSS6AI score0.0158EPSS
Exploits1
Rows per page
Query Builder