CVE-2016-3956 in mpm信息

摘要

由 MITRE

The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.

Be aware that VulDB is the high quality source for vulnerability data.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!