60 matches found
eventsource: Exposure of Sensitive Information
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
eventsource: Exposure of Sensitive Information
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
eventsource: Exposure of Sensitive Information
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
eventsource: Exposure of Sensitive Information
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
The vulnerability of the eventsource/eventsource library, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the eventsource/eventsource library is related to insufficient protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
Important: Red Hat Security Advisory: Red Hat Fuse Online 7.10.2.P1 security update
A patch update from 7.10.1 to 7.10.2.P1 is now available for Red Hat Fuse Online. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
eventsource: Exposure of Sensitive Information
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 Containers security update
Red Hat OpenShift Service Mesh 2.1.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
CVE-2022-1650
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
0726react (=0.1.1), 0x0range-homebridge-homeassistant (>=1.0.0 <=1.0.1) +8937 more potentially affected by CVE-2022-1650 via eventsource (>=0.0.10 <=1.1.0)
eventsource NPM version =0.0.10, =1.0.0, =1.0.4, =1.0.0, =0.0.1, =0.1.0, =1.4.0, =1.0.3, =1.0.4, =3.0.2, =5.0.1-0 and more Source cves: CVE-2022-1650 Source advisory: OSV:GHSA-6H5X-7C5M-7CR7...
DEBIAN-CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
UBUNTU-CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
CVE-2022-1650
CVE-2022-1650: GitHub eventsource/eventsource prior to v2.0.2 suffers improper removal of sensitive information before storage/transfer. Affects eventsource/eventsource; root cause is incomplete sanitization of sensitive data in events. The connected document notes the fix to v2.0.2. No exploitat...
CVE-2022-1650 Improper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsource
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
PT-2022-3410 · Unknown +5 · Eventsource +5
Name of the Vulnerable Software and Affected Versions: eventsource/eventsource versions prior to 2.0.2 Description: The issue is related to insufficient protection of sensitive data, allowing a remote attacker to gain unauthorized access to protected information. This is due to the improper remov...
EventSource 信息泄露漏洞
EventSource is a pure JavaScript implementation of the EventSource client. An information disclosure vulnerability exists in versions of EventSource prior to 2.0.2, which originates from exposing sensitive information to an unauthorized Actor...
CVE-2022-1650 Improper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsource
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
Exposure of Sensitive Information to an Unauthorized Actor in eventsource/eventsource
Exposure of Sensitive Information to an Unauthorized Actor in EventSource/eventsource Reported on Feb 6th 2022 | Timothee Desurmont Vulnerability type: CWE-200 Bug Cookies & Authorisation headers are leaked to external sites. Description When fetching an url with a link to an external site...