All vulnerabilities
CVE-2022-0235
node-fetch forwards secure headers to untrusted sites
Description
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
Severity
Ecosystem
JavaScript
Publish Date
January 21, 2022
Modified Date
November 7, 2023
Score Vector
Affected Versions
