follow-redirects : < 1.14.8 - Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects
Created by: armorcodegithubqa[bot]
Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
References:
- https://nvd.nist.gov/vuln/detail/CVE-2022-0536
- https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445
- https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db
- https://github.com/advisories/GHSA-pw2r-vq6v-hr8c
File Path: public/package-lock.json
Mitigation: Patched version: 1.14.8