Page 2 of 11 results (0.003 seconds)
CVSS: 7.5EPSS: 2%CPEs: 95EXPL: 0
CVSS: 7.5EPSS: 2%CPEs: 95EXPL: 0CVE-2016-3956
https://notcve.org/view.php?id=CVE-2016-3956
02 Jul 2016 — The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers. La CLI en npm en versiones anteriores a 2.15.1 y 3.x en versiones anteriores a 3.8.3, tal como se utiliza en Node.js 0.10 en versiones anteriores a 0.10.44, 0.12 en versiones anteriores a 0.12.13, 4 en versiones ante... • http://blog.npmjs.org/post/142036323955/fixing-a-bearer-token-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •