Description
Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.
Remediation
References
https://github.com/advisories/GHSA-wpg7-2c88-r8xv
https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f
https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31
Related Vulnerabilities
CVE-2017-16024 Vulnerability in npm package sync-exec
CVE-2022-4742 Vulnerability in npm package json-pointer
CVE-2017-16085 Vulnerability in npm package tinyserver2
CVE-2020-11112 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-10406 Vulnerability in maven package org.jenkins-ci.main:jenkins-core