UBUNTU-CVE-2022-0561

Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712...

RUSTSEC-2022-0041 Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64

Impact Affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates usin...

Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption (Denial of Service)

Exploit Title: Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption Denial of Service Exploit Author: liquidworm !/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com...

Fetch Softworks Fetch FTP Client 5.8 Denial Of Service Exploit

Fetch Softworks Fetch FTP Client version 5.8 suffers from a remote CPU consumption denial of service vulnerability. !/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com Affected...

Fetch Softworks Fetch FTP Client 5.8 Denial Of Service

!/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com Affected version: 5.8.2 5K1354 Summary: Fetch is a reliable, full-featured file transfer client for the Apple Macintosh whose...

Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption (Denial of Service)

Summary Fetch is a reliable, full-featured file transfer client for the Apple Macintosh whose user interface emphasizes simplicity and ease of use. Fetch supports FTP and SFTP, the most popular file transfer protocols on the Internet for compatibility with thousands of Internet service providers,...

GHSA-R683-J2X4-V87G node-fetch forwards secure headers to untrusted sites

node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site...

4i18n-cli (>=0.0.2 <=0.0.7), @acneidert/devtools (=0.0.6) +60 more potentially affected by CVE-2022-0235 via node-fetch (>=3.0.0 <=3.1.0)

node-fetch NPM version =3.0.0, =0.0.2, =1.273.2, =1.0.0, =2.14.0, =2.1.0, =0.0.83, =1.0.0, =1.0.0, =0.0.3, =19.7.0, =6.2.0, =0.0.1, =4.1.1, =4.1.2 and more Source cves: CVE-2022-0235 Source advisory: OSV:GHSA-R683-J2X4-V87G...

node-fetch forwards secure headers to untrusted sites

node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site...

Five Star Business Profile and Schema < 2.1.7 - Subscriber+ Page Creation & Settings Update to Stored XSS

The plugin does not have any authorisation and CSRF in its bpfwpwelcomeaddcontactpage and bpfwpwelcomesetcontactinformation AJAX action, allowing any authenticated users, such as subscribers, to call them. Furthermore, due to the lack of sanitisation, it also lead to Stored Cross-Site Scripting...

Information Disclosure

node-fetch is vulnerable to information disclosure. The vulnerability exists due to the cookie header being leaked to third party site which allows an attacker to gain access to sensitive information...

DEBIAN-CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...

UBUNTU-CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...

CVE-2022-0235

CVE-2022-0235 affects the node-fetch package and is described as a vulnerability that could result in Exposure of Sensitive Information to an Unauthorized Actor. The connected document(s) confirm this CVE ID and provide contextual metrics (e.g., CVSS scores from NVD and related references), but d...

CVE-2022-0235 Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...

node-fetch 信息泄露漏洞

node-fetch is a lightweight module that brings the Fetch API to Node.js. An information disclosure vulnerability exists in node-fetch, which is vulnerable to the exposure of sensitive information to unauthorized participants...

PT-2022-13054 · Npm +7 · Node-Fetch +7

Name of the Vulnerable Software and Affected Versions: node-fetch versions affected versions not specified Description: The issue concerns exposure of sensitive information to an unauthorized actor. Specifically, node-fetch forwards secure headers such as authorization, www-authenticate, cookie,...

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor...