Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5.
References
Link | Resource |
---|---|
https://github.com/lquixada/cross-fetch/commit/a3b3a9481091ddd06b8f83784ba9c4e034dc912a | Patch Third Party Advisory |
https://huntr.dev/bounties/ab55dfdd-2a60-437a-a832-e3efe3d264ac | Exploit Patch Third Party Advisory |
Configurations
History
22 Nov 2022, 19:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
25 Apr 2022, 18:56
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/lquixada/cross-fetch/commit/a3b3a9481091ddd06b8f83784ba9c4e034dc912a - Patch, Third Party Advisory | |
References | (CONFIRM) https://huntr.dev/bounties/ab55dfdd-2a60-437a-a832-e3efe3d264ac - Exploit, Patch, Third Party Advisory | |
First Time |
Cross-fetch Project
Cross-fetch Project cross-fetch |
|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 6.1 |
CPE | cpe:2.3:a:cross-fetch_project:cross-fetch:*:*:*:*:*:node.js:*:* |
15 Apr 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-15 23:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1365
Mitre link : CVE-2022-1365
CVE.ORG link : CVE-2022-1365
JSON object : View
Products Affected
cross-fetch_project
- cross-fetch