Skip to main content

Node Fetch

2 CVEs product

Monthly

CVE-2022-2596 npm MEDIUM POC PATCH This Month

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service Node Fetch
NVD GitHub
CVSS 3.1
5.9
EPSS
1.1%
CVE-2020-15168 npm MEDIUM PATCH This Month

node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Node Fetch
NVD GitHub
CVSS 3.1
5.3
EPSS
1.7%
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service Node Fetch
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Node Fetch
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy