VYPR

HTTP Client

by Actions

Source repositories

CVEs (1)

  • CVE-2020-11021Apr 29, 2020
    risk 0.00cvss epss 0.02

    Actions Http-Client (NPM @actions/http-client) before version 1.0.8 can disclose Authorization headers to incorrect domain in certain redirect scenarios. The conditions in which this happens are if consumers of the http-client: 1. make an http request with an authorization…