Vendor
node-fetch
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2596 | 0.00 | — | 0.01 | Aug 1, 2022 | Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10. | |||
| CVE-2022-0235 | 0.00 | — | 0.02 | Jan 16, 2022 | node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | |||
| CVE-2020-15168 | 0.00 | — | 0.02 | Sep 10, 2020 | node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have… |
- CVE-2022-2596Aug 1, 2022risk 0.00cvss —epss 0.01
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10.
- CVE-2022-0235Jan 16, 2022risk 0.00cvss —epss 0.02
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
- CVE-2020-15168Sep 10, 2020risk 0.00cvss —epss 0.02
node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have…