[USN-6158-1] Node Fetch vulnerability
Severity
Medium
Affected Packages
2
CVEs
1
Node Fetch could be made to expose sensitive information if it opened a specially crafted file.
It was discovered that Node Fetch incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to obtain
sensitive information.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/node-fetch?distro=focal | < 1.7.3-2ubuntu0.1 |
pkg:deb/ubuntu/node-fetch?distro=bionic | < 1.7.3-1ubuntu0.1~esm1 |
- ID
- USN-6158-1
- Severity
- medium
- Severity from
- CVE-2022-0235
- URL
- https://ubuntu.com/security/notices/USN-6158-1
- Published
-
2023-06-13T14:07:10
(15 months ago) - Modified
-
2023-06-13T14:07:10
(15 months ago) - Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/node-fetch?distro=focal | ubuntu | node-fetch | < 1.7.3-2ubuntu0.1 | focal | ||
Affected | pkg:deb/ubuntu/node-fetch?distro=bionic | ubuntu | node-fetch | < 1.7.3-1ubuntu0.1~esm1 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |