CVE-2022-0235
Description
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.647
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Planning Analytics Local 2.0 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 11.0.0.15 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 12.0.3.0 | Windows |
| Nodejs update (ELSA-2023-0050) nodejs-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm | Linux |
| Nodejs-devel update (ELSA-2023-0050) nodejs-devel-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm | Linux |
| Nodejs-docs update (ELSA-2023-0050) nodejs-docs-14.21.1-2.module+el8.7.0+20895+79a25710.noarch.rpm | Linux |
| Nodejs-full-i18n update (ELSA-2023-0050) nodejs-full-i18n-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm | Linux |
| Nodejs-nodemon update (ELSA-2023-0050) nodejs-nodemon-2.0.20-2.module+el8.7.0+20895+79a25710.noarch.rpm | Linux |
| Nodejs-packaging update (ELSA-2023-0050) nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm | Linux |
| Npm update (ELSA-2023-0050) npm-6.14.17-1.14.21.1.2.module+el8.7.0+20895+79a25710.x86_64.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-debugsource-14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-devel-14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-docs-14.21.1-2.module+el8.7.0+17528+a329cd47.noarch.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-full-i18n-14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update nodejs-nodemon-2.0.20-2.module+el8.7.0+17528+a329cd47.noarch.rpm | Linux |
| (RHSA-2023:0050) nodejs:14 security, bug fix, and enhancement update npm-6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64.rpm | Linux |
| A light-weight module that brings the Fetch API to Node.js (USN-6158-1) node-fetch_1.7.3-2ubuntu0.1_all.deb | Linux |
| A light-weight module that brings the Fetch API to Node.js (USN-6158-1) node-fetch_1.7.3-1_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234