CVE-2022-0155: Exposure of Private Personal Information to an Unauthorized Actor

January 10, 2022 (updated October 28, 2022)

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

References

github.com/advisories/GHSA-74fj-2j2h-c42q
github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22
huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406
nvd.nist.gov/vuln/detail/CVE-2022-0155

Code Behaviors & Features

Detect and mitigate CVE-2022-0155 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →