Details
Assignee
UnassignedUnassignedReporter
onms security jiraonms security jiraLabels
Priority
Low
Details
Details
Assignee
Unassigned
UnassignedReporter
onms security jira
onms security jira
Labels
Priority
LowPagerDuty
PagerDuty
PagerDuty
Created July 21, 2023 at 10:33 PM
Updated July 25, 2023 at 3:06 PM
Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
Repository: OpenNMS/usage-stats-handler (https://github.com/OpenNMS/usage-stats-handler)
Dependabot: https://github.com/OpenNMS/usage-stats-handler/security/dependabot/2
CVE: CVE-2022-0536
CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
GHSA: GHSA-pw2r-vq6v-hr8c
Severity: medium
Ecosystem: npm
Package Name: follow-redirects
Vulnerable Version Range: < 1.14.8
First Patched Version: 1.14.8