CVE-2022-0430 (Medium) detected in httpie-0.2.0.tar.gz #26
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-for-github-com
bot
added
the
security vulnerability
1 task
mend-for-github-com
bot
changed the title
This was referenced Jun 30, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2022-0430 - Medium Severity Vulnerability
HTTPie - a CLI, cURL-like tool for humans.
Library home page: https://files.pythonhosted.org/packages/37/ad/b2ce98d7db29eb071deea837f5fe8e382e81f27fb81fc77862a1d5f3fbac/httpie-0.2.0.tar.gz
Path to dependency file: /folder2/requirements.txt
Path to vulnerable library: /folder2/requirements.txt
Dependency Hierarchy:
Found in base branch: master
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0.
Publish Date: 2022-03-15
URL: CVE-2022-0430
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://huntr.dev/bounties/dafb2e4f-c6b6-4768-8ef5-b396cd6a801f/
Release Date: 2022-03-15
Fix Resolution: httpie - 3.1.0
⛑️ Automatic Remediation is available for this issue
The text was updated successfully, but these errors were encountered: