CVE-2022-0355

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:simple-get_project:simple-get:*:*:*:*:*:node.js:*:*
cpe:2.3:a:simple-get_project:simple-get:*:*:*:*:*:node.js:*:*
cpe:2.3:a:simple-get_project:simple-get:4.0.0:*:*:*:*:node.js:*:*

History

21 Nov 2024, 06:38

Type Values Removed Values Added
References () https://github.com/advisories/GHSA-wpg7-2c88-r8xv - Third Party Advisory () https://github.com/advisories/GHSA-wpg7-2c88-r8xv - Third Party Advisory
References () https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f - Patch, Third Party Advisory () https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f - Patch, Third Party Advisory
References () https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31 - Exploit, Third Party Advisory () https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31 - Exploit, Third Party Advisory
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 8.8

02 Aug 2023, 09:15

Type Values Removed Values Added
Summary Exposure of Sensitive Information to an Unauthorized Actor in NPM simple-get prior to 4.0.1. Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.

21 Jul 2023, 16:55

Type Values Removed Values Added
CWE CWE-200 CWE-212
CPE cpe:2.3:a:simple-get_project:simple-get:4.0.0:*:*:*:*:node.js:*:*
References (MISC) https://github.com/advisories/GHSA-wpg7-2c88-r8xv - (MISC) https://github.com/advisories/GHSA-wpg7-2c88-r8xv - Third Party Advisory

Information

Published : 2022-01-26 04:15

Updated : 2024-11-21 06:38


NVD link : CVE-2022-0355

Mitre link : CVE-2022-0355

CVE.ORG link : CVE-2022-0355


JSON object : View

Products Affected

simple-get_project

  • simple-get
CWE
CWE-212

Improper Removal of Sensitive Information Before Storage or Transfer