What is CVE-2022-0355?

CVE-2022-0355 is a high-severity vulnerability in Feross Feross/simple-get, classified under Improper Removal of Sensitive Information Before Storage or Transfer. CVSS score: 8.8/10. Published 2022-01-26.

How severe is CVE-2022-0355?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Feross Feross/simple-get

CVE-2022-0355

Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.

EPSS: 0.005 (64.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Feross Feross/simple-get — versions unspecified

Weakness classification (CWE)

CWE-212 — Improper Removal of Sensitive Information Before Storage or Transfer

References

huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31
github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f
github.com/advisories/GHSA-wpg7-2c88-r8xv

Frequently asked questions

What is CVE-2022-0355?: CVE-2022-0355 is a high-severity vulnerability in Feross Feross/simple-get, classified under Improper Removal of Sensitive Information Before Storage or Transfer. CVSS score: 8.8/10. Published 2022-01-26.
How severe is CVE-2022-0355?: High severity. CVSS v3 base score is 8.8 out of 10.