CVE-2022-1214 (High) detected in axios-0.21.4.tgz #1546
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
high severity
High severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
CVE-2022-1214 - High Severity Vulnerability
Vulnerable Library - axios-0.21.4.tgz
Promise based HTTP client for the browser and node.js
Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository axios/axios prior to 0.26.
Publish Date: 2022-05-03
URL: CVE-2022-1214
CVSS 3 Score Details (8.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://huntr.dev/bounties/ef7b4ab6-a3f6-4268-a21a-e7104d344607/
Release Date: 2022-05-03
Fix Resolution: axios - v0.26.0
The text was updated successfully, but these errors were encountered: