CVE-2022-1650 @ Npm-eventsource-0.1.6

**Vulnerable Package** issue exists @ **Npm\-eventsource\-0\.1\.6** in branch **main**

Exposure of Sensitive Information to an Unauthorized Actor in eventsource before 1.1.1 and 2.0.x before 2.0.2.

**Namespace:** Svetlana-github
**Repository:** test
**Repository Url:** https://github.com/Svetlana-github/test
**CxAST\-Project:** Svetlana-github/test
**CxAST platform scan:** [8821ba41\-d324\-41fa\-8053\-d13dfc156a43](https://eu.ast.checkmarx.net/projects/5da41c16-f93a-48f1-9010-ef163f3c93ae/scans?id=8821ba41-d324-41fa-8053-d13dfc156a43&branch=main)
**Branch:** main
**Application:** test
**Severity:** HIGH
**State:** NOT_IGNORED
**Status:** RECURRENT
**CWE:** CWE-200


----
**Addition Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** HIGH
**Availability impact:** NONE
**Remediation Upgrade Recommendation:** 1.1.1


----
**References**
[Advisory](https://github.com/advisories/GHSA-6h5x-7c5m-7cr7)
[Commit](https://github.com/EventSource/eventsource/commit/10ee0c4881a6ba2fe65ec18ed195ac35889583c4)
[Disclosure](https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e/)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2022-1650 @ Npm-eventsource-0.1.6 #173

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CVE-2022-1650 @ Npm-eventsource-0.1.6 #173

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions