Denial of Service

Overview Node Fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are...

20190403-utils (=1.0.0), 3nit-utils (>=0.24.0 <=1.0.2) +4759 more potentially affected by CVE-2020-15168 via node-fetch (>=2.0.0 <=2.6.0)

node-fetch NPM version =2.0.0, =0.24.0, =0.0.0-alpha.1, =1.0.43, =0.0.80, =1.0.0-beta.1, =0.0.0-canary.0, =0.0.1, =2.0.0, =1.0.0, =0.1.0, =2.0.0, =2.0.3 and more Source cves: CVE-2020-15168 Source advisory: OSV:GHSA-W7RC-RWVF-8Q5R...

@ctx-core/auth0 (>=25.0.2 <=28.0.23), @ctx-core/auth0-lock (>=12.0.2 <=13.0.9) +55 more potentially affected by CVE-2020-15168 via node-fetch (>=3.0.0-beta.10 <=3.0.0-beta.8)

node-fetch NPM version =3.0.0-beta.10, =25.0.2, =12.0.2, =6.0.2, =1.0.1, =10.0.2, =11.0.2, =9.0.2, =1.0.0, =11.0.16, =0.0.1, =7.0.0, =5.0.0, =6.0.0, =8.0.2, =0.0.1, =0.0.6 and more Source cves: CVE-2020-15168 Source advisory: OSV:GHSA-W7RC-RWVF-8Q5R...

The `size` option isn't honored after following a redirect in node-fetch

Impact Node Fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relyin...

GHSA-W7RC-RWVF-8Q5R The `size` option isn't honored after following a redirect in node-fetch

Impact Node Fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relyin...