Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/22 2:56 a.m.2 views

SUSE CVE-2022-0355

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1...

8.8CVSS7.1AI score0.02024EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2022/01/28 10:54 p.m.4 views

3drudder-js (>=1.0.0 <=2.0.7), @131/fuse-bindings (>=2.11.0 <=2.11.1) +833 more potentially affected by CVE-2022-0355 via simple-get (>=1.4.3 <=2.7.1)

simple-get NPM version =1.4.3, =1.0.0, =2.11.0, =1.16.0, =1.0.2, =1.0.0, =1.0.0, =1.0.8, =1.0.0, =1.6.0, =0.2.1, =0.2.75, =0.3.4 and more Source cves: CVE-2022-0355 Source advisory: OSV:GHSA-WPG7-2C88-R8XV...

8.8CVSS7.1AI score0.02024EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/28 10:54 p.m.5 views

@garment/plugin-runner-publish (>=0.13.7 <=0.18.0), bower-npm-resolver (=0.11.0) +4 more potentially affected by CVE-2022-0355 via simple-get (=3.0.3)

simple-get NPM version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on simple-get and may be impacted: - @garment/plugin-runner-publish =0.13.7, =3.2.4, =2.0.3, =2.0.5 Source cves: CVE-2022-0355 Source advisory: OSV:GHSA-WPG7-2C88-R8XV...

8.8CVSS7.1AI score0.02024EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2022/01/27 1:59 p.m.25 views

CVE-2022-0355

A flaw was found in the simple-get library when fetching a remote URL with a cookie when it gets to the Location response header. This flaw allows an attacker to expose sensitive information from an unauthorized actor as the cookie is leaked...

8.8CVSS2.9AI score0.02024EPSS
Exploits1References4
Circl
Circl
added 2022/01/26 7:19 a.m.8 views

CVE-2022-0355

creationtimestamp| type| source ---|---|--- 2022-01-26 07:19:08+00:00| seen| https://t.me/cibsecurity/36285...

8.8CVSS7.8AI score0.02024EPSS
Exploits1References1
NVD
NVD
added 2022/01/26 4:15 a.m.22 views

CVE-2022-0355

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1...

8.8CVSS0.02024EPSS
Exploits1References3
OSV
OSV
added 2022/01/26 12:0 a.m.25 views

CVE-2022-0355 Improper Removal of Sensitive Information Before Storage or Transfer in feross/simple-get

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1...

8.8CVSS7.8AI score0.02024EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/01/26 12:0 a.m.29 views

CVE-2022-0355 Improper Removal of Sensitive Information Before Storage or Transfer in feross/simple-get

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1...

8.8CVSS8.9AI score0.02024EPSS
Exploits1References3
CVE
CVE
added 2022/01/26 12:0 a.m.108 views

CVE-2022-0355

CVE-2022-0355 affects the Node.js package simple-get (versions earlier than 4.0.1). The root cause is improper handling of sensitive data before storage or transfer, allowing exposure of session cookies when fetching remote URLs. Impact can include session hijacking or unauthorized access, depend...

8.8CVSS7.8AI score0.02024EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder