CVE-2022-0155

HIGH Year: 2022
CVSS v3 Score
8.0
High
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-359
View all →

Vulnerability Description

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

Related Vulnerabilities

CVE-2024-26192

HIGH
CVSS:8.2(High)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CWE-3592024

CVE-2023-50053

HIGH
CVSS:7.6(High)

An issue in Foundation.app Foundation platform 1.0 allows a remote attacker to obtain sensitive information via the Web3 authentication process of Foundation, the signed message lacks a nonce (random ...

CWE-3592023

CVE-2024-11216

HIGH
CVSS:7.6(High)

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking...

CWE-3592024

CVE-2021-36723

HIGH
CVSS:7.5(High)

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.

CWE-3592021

CVE-2022-36091

HIGH
CVSS:7.5(High)

XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list properties of objects the user shouldn't have access to can be a...

CWE-3592022

CVE-2022-41936

HIGH
CVSS:7.5(High)

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The `modifications` rest endpoint does not filter out entries according to the user's rights. T...

CWE-3592022