Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects
- Severity:
- Medium
Description
Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
Recommendation
Update the follow-redirects package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.14.8
- Patched version(s): 1.14.8
References
Related Issues
- Exposure of sensitive information in follow-redirects - CVE-2022-0155
- Exposure of Sensitive Information to an Unauthorized Actor in nanoid - CVE-2021-23566
- Exposure of Sensitive Information to an Unauthorized Actor in AEgir - CVE-2020-11059
- Exposure of Sensitive Information in eventsource - CVE-2022-1650
- Tags:
- npm
- follow-redirects
Anything's wrong? Let us know Last updated on July 21, 2023