GHSA-pw2r-vq6v-hr8c

Vulnerable Component Details
Type Namespace Name Version Package URL
npm None follow-redirects 1.14.4 pkg:npm/follow-redirects@1.14.4
Vulnerability Details
ID GHSA-pw2r-vq6v-hr8c
Description Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
Recommendation Upgrade to version 1.14.8 or above.. || State: fixed | Fix Versions: 1.14.8
Ratings
Severity Score Method Vector Source
4.3 CVSSv2 AV:N/AC:M/Au:N/C:P/I:N/A:N nvd
5.9 CVSSv3 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N ghsa
Related Vulnerabilities
Found By Anchore Grype , Aquasec Trivy , Sonotype OSS-Index , Gitlab Gemnasium
References / Advisories
Weakness Enumeration