Lucene search
Veracode Vulnerability DatabaseVERACODE:26730HistorySep 11, 2020 - 3:20 a.m.
Denial Of Service (DoS)
2020-09-1103:20:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
42.5%
node-fetch is vulnerable to denial of service. The size option after following a redirect is not adhered to, which does not result in a FetchError being thrown and the process ending without failure when a content size was over the limit.
| CPE | Name | Operator | Version |
|---|---|---|---|
| node-fetch | le | 2.6.0 | |
| node-fetch | le | 3.0.0-beta.8 | |
| node-fetch | le | 2.6.0 | |
| node-fetch | le | 3.0.0-beta.8 |
Related
cvelist
cvelist
CVE-2020-15168 File size limit bypass in node-fetch
2020-09-10 18:25:13
github
github
The `size` option isn't honored after following a redirect in node-fetch
2020-09-10 17:46:21
ibm
ibm
prion
prion
Design/Logic Flaw
2020-09-10 19:15:00
osv
osv
The `size` option isn't honored after following a redirect in node-fetch
2020-09-10 17:46:21
CVE-2020-15168
2020-09-10 19:15:13
ubuntucve
ubuntucve
CVE-2020-15168
2020-09-10 00:00:00
nodejs
nodejs
Denial of Service
2020-09-10 17:55:53
cve
cve
CVE-2020-15168
2020-09-10 19:15:13
redhatcve
redhatcve
CVE-2020-15168
2020-09-24 10:46:39
debiancve
debiancve
CVE-2020-15168
2020-09-10 19:15:13
nvd
nvd
CVE-2020-15168
2020-09-10 19:15:13