CVE-2022-0155
published 2022-01-10CVE-2022-0155: follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | node-follow-redirects | < node-follow-redirects 1.14.7+~1.13.1-1 (bookworm) | node-follow-redirects 1.14.7+~1.13.1-1 (bookworm) |
| follow-redirects | follow-redirects_follow-redirects | >= unspecified < 1.14.7 | 1.14.7 |
| follow-redirects_project | follow-redirects | < 1.14.7 | 1.14.7 |
| follow-redirects_project | follow-redirects | >= 0 < 1.14.7 | 1.14.7 |
| siemens | sinec_ins | < 1.0 | 1.0 |
| siemens | sinec_ins | — | — |
| ubuntu | node-follow-redirects | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv6.5MEDIUM
cisa8.6HIGH