CVE-2022-0430Sensitive Information Exposure in Httpie

CWE-200Sensitive Information Exposure7 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 44.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Httpie HttpieHttpieDebian Httpie
Timeline
PublishedMar 15
Latest updateMar 16

Description

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages5 packages

NVDhttpie/httpie< 3.1.0
PyPIhttpie/httpie< 3.1.0
debiandebian/httpie< httpie 3.2.1-1 (bookworm)
CVEListV5httpie/httpie_httpieunspecified3.1.0
Debianhttpie/httpie< 3.2.1-1+2

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

5
GHSA
Exposure of Sensitive information in httpie2022-03-16
OSV
Exposure of Sensitive information in httpie2022-03-16
OSV
CVE-2022-0430: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 32022-03-15
GHSA
Exposure of Sensitive Information to an Unauthorized Actor in httpie2022-03-07
OSV
Exposure of Sensitive Information to an Unauthorized Actor in httpie2022-03-07

📋Vendor Advisories

1
Debian
CVE-2022-0430: httpie - Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ...2022
CVE-2022-0430 — Sensitive Information Exposure | cvebase