Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects
CVE-2022-0155

8HIGH

Key Information:

Vendor: Follow-redirects
Status: Follow-redirects/follow-redirects
Vendor: CVE Published:; 10 January 2022

🔔 Create Follow-redirects Vulnerability Alert

What is CVE-2022-0155?

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

Affected Version(s)

follow-redirects/follow-redirects < 1.14.7

References

https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181...

x_refsource_CONFIRM

https://github.com/follow-redirects/follow-redirects/comm...

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-63748...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

CVSS V3.0

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Jan 7, 2022

CVE-2022-0155 Data

JSON