Vulnerability

CVE-2022-0235

 Report advisory or correction

CVSS Score 6.1 medium

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-200

References

https://github.com/node-fetch/node-fetch/pull/1449
https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0235

[CVE-2022-0235] CWE-200: Information Exposure

Description

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

See node-fetch package information