Details
Assignee
UnassignedUnassignedReporter
onms security jiraonms security jiraLabels
Priority
Low
Details
Details
Assignee
Unassigned
UnassignedReporter
onms security jira
onms security jiraLabels
Priority
LowPagerDuty
PagerDuty
PagerDuty
Created July 21, 2023 at 10:33 PM
Updated July 25, 2023 at 3:06 PM
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
Repository: OpenNMS/usage-stats-handler (https://github.com/OpenNMS/usage-stats-handler)
Dependabot: https://github.com/OpenNMS/usage-stats-handler/security/dependabot/1
CVE: CVE-2022-0155
CVSS: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
GHSA: GHSA-74fj-2j2h-c42q
Severity: high
Ecosystem: npm
Package Name: follow-redirects
Vulnerable Version Range: < 1.14.7
First Patched Version: 1.14.7