2082190 – (CVE-2022-1214) CVE-2022-1214 : axios: Exposure of Sensitive Information to an Unauthorized Actor

Bug 2082190 (CVE-2022-1214) - CVE-2022-1214 : axios: Exposure of Sensitive Information to an Unauthorized Actor

Summary: CVE-2022-1214 : axios: Exposure of Sensitive Information to an Unauthorized A...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2022-1214
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2082259 2082353 2082354 2082355 2082356 2082470 2082471 2082472 2082473 2082474 2082475 2082476 2082477 2082478 2082479 2082480 2082481 2082482 2082483 2082484 2082485 2082486 2082487 2082488 2082489
Blocks:	2082192
TreeView+	depends on / blocked

Reported:	2022-05-05 14:45 UTC by Patrick Del Bello
Modified:	2022-06-02 23:07 UTC (History)
CC List:	10 users (show)
Fixed In Version:	axios 0.26
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-05-09 11:23:39 UTC
Embargoed:

Attachments	(Terms of Use)

Description Patrick Del Bello 2022-05-05 14:45:21 UTC

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository axios/axios prior to 0.26.

https://huntr.dev/bounties/ef7b4ab6-a3f6-4268-a21a-e7104d344607
https://github.com/axios/axios/commit/c9aca7525703ab600eacd9e95fd7f6ecc9942616

Note You need to log in before you can comment on or make changes to this bug.