Lucene search
Veracode Vulnerability DatabaseVERACODE:36014HistoryJun 16, 2022 - 7:52 a.m.
Information Disclosure
2022-06-1607:52:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
finastra/nestjs-proxy
information disclosure
vulnerability
proxyservice
authorization header
unauthorized user
sensitive information
EPSS
0.001
Percentile
48.7%
@finastra/nestjs-proxy is vulnerable to information disclosure. The vulnerability exists in the ProxyService function due to a lack of sanitization in the authorization header which allows an unauthorized user to access sensitive information in the system.
Related
osv
osv
Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy
2022-06-17 21:39:48
CVE-2022-31069
2022-06-15 19:15:11
github
github
cvelist
cvelist
prion
prion
Authorization
2022-06-15 19:15:00
cve
cve
CVE-2022-31069
2022-06-15 19:15:11
nvd
nvd
CVE-2022-31069
2022-06-15 19:15:11