CVE-2022-0235
published 2022-01-16CVE-2022-0235: node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | node-fetch | < node-fetch 2.6.1-7 (bookworm) | node-fetch 2.6.1-7 (bookworm) |
| node-fetch | node-fetch_node-fetch | >= unspecified < 3.1.1 | 3.1.1 |
| node-fetch_project | node-fetch | < 2.6.7 | 2.6.7 |
| node-fetch_project | node-fetch | >= 0 < 2.6.1-5+deb11u1 | 2.6.1-5+deb11u1 |
| node-fetch_project | node-fetch | >= 0 < 2.6.1-7 | 2.6.1-7 |
| node-fetch_project | node-fetch | >= 0 < 2.6.1-7 | 2.6.1-7 |
| node-fetch_project | node-fetch | >= 0 < 2.6.1-7 | 2.6.1-7 |
| node-fetch_project | node-fetch | >= 0 < 2.6.7 | 2.6.7 |
| node-fetch_project | node-fetch | >= 3.0.0 < 3.1.1 | 3.1.1 |
| node-fetch_project | node-fetch | >= 3.0.0 < 3.1.1 | 3.1.1 |
| siemens | sinec_ins | < 1.0 | 1.0 |
| siemens | sinec_ins | — | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM