{"source":1095073,"name":"node-fetch","dependency":"node-fetch","title":"node-fetch forwards secure headers to untrusted sites","url":"https://github.com/advisories/GHSA-r683-j2x4-v87g","severity":"high","versions":["0.1.0","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.1.0","1.1.1","1.1.2","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1","1.5.0","1.5.1","1.5.2","1.5.3","1.6.0","1.6.1","1.6.2","1.6.3","1.7.0","1.7.1","1.7.2","1.7.3","2.0.0-alpha.1","2.0.0-alpha.3","2.0.0-alpha.4","2.0.0-alpha.5","2.0.0-alpha.6","2.0.0-alpha.7","2.0.0-alpha.8","2.0.0-alpha.9","2.0.0","2.1.0","2.1.1","2.1.2","2.2.0","2.2.1","2.3.0","2.4.0","2.4.1","2.5.0","2.6.0","2.6.1","2.6.2","2.6.3","2.6.4","2.6.5","2.6.6","2.6.7","2.6.8","2.6.9","2.6.10","2.6.11","2.6.12","2.6.13","2.7.0","3.0.0-beta.1","3.0.0-beta.2","3.0.0-beta.3","3.0.0-beta.4","3.0.0-beta.5","3.0.0-beta.6","3.0.0-beta.7","3.0.0-beta.8","3.0.0-beta.9","3.0.0-beta.10","3.0.0-beta.6-exportfix","3.0.0","3.1.0","3.1.1","3.2.0","3.2.1","3.2.2","3.2.3","3.2.4","3.2.5","3.2.6","3.2.7","3.2.8","3.2.9","3.2.10","3.3.0","3.3.1","3.3.2","4.0.0-beta.1","4.0.0-beta.2","4.0.0-beta.3","4.0.0-beta.4"],"vulnerableVersions":["0.1.0","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.1.0","1.1.1","1.1.2","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1","1.5.0","1.5.1","1.5.2","1.5.3","1.6.0","1.6.1","1.6.2","1.6.3","1.7.0","1.7.1","1.7.2","1.7.3","2.0.0-alpha.1","2.0.0-alpha.3","2.0.0-alpha.4","2.0.0-alpha.5","2.0.0-alpha.6","2.0.0-alpha.7","2.0.0-alpha.8","2.0.0-alpha.9","2.0.0","2.1.0","2.1.1","2.1.2","2.2.0","2.2.1","2.3.0","2.4.0","2.4.1","2.5.0","2.6.0","2.6.1","2.6.2","2.6.3","2.6.4","2.6.5","2.6.6"],"cwe":["CWE-173","CWE-200","CWE-601"],"cvss":{"score":8.8,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},"range":"<2.6.7","id":"Wb+t4nAQ2QbaIBANpGyR0NxscSBZkieQWww78xJqkUCEc1IjJximva83HGHVo/GYYeWrc8xY5cA+dCV5VX2QDA=="}