Lucene search
HackeroneCVELIST:CVE-2019-5448HistoryJul 30, 2019 - 8:15 p.m.
CVE-2019-5448
2019-07-3020:15:57
CWE-311
hackerone
www.cve.org
1
Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network.
CNA Affected
[
{
"product": "yarn",
"vendor": "yarn",
"versions": [
{
"status": "affected",
"version": "Fixed in 1.17.3"
}
]
}
]Related
nessus
nessus
Photon OS 2.0: Yarn PHSA-2019-2.0-0176
2019-09-24 00:00:00
Photon OS 1.0: Yarn PHSA-2019-1.0-0255
2019-10-07 00:00:00
Photon OS 1.0: Yarn PHSA-2019-1.0-0252
2019-10-11 00:00:00
hackerone
hackerone
osv
osv
Missing Encryption of Sensitive Data in yarn
2019-07-31 04:22:15
CVE-2019-5448
2019-07-30 21:15:11
nvd
nvd
CVE-2019-5448
2019-07-30 21:15:11
github
github
Missing Encryption of Sensitive Data in yarn
2019-07-31 04:22:15
debiancve
debiancve
CVE-2019-5448
2019-07-30 21:15:11
ubuntucve
ubuntucve
CVE-2019-5448
2019-07-30 00:00:00
cve
cve
CVE-2019-5448
2019-07-30 21:15:11
veracode
veracode
Information Disclosure
2019-07-31 02:41:38
prion
prion
Authentication flaw
2019-07-30 21:15:00
photon
photon