CVE-2022-1365

Incorrect Authorization in npm/cross-fetch

Identifiers

GHSA-7gc6-qh9x-w6h8, CVE-2022-1365

Package Slug

npm/cross-fetch

Vulnerability

Incorrect Authorization

Description

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5.

Affected Versions

All versions before 3.1.5

Solution

Upgrade to version 3.1.5 or above.

Last Modified

2022-05-01

source