Vulnerabilities > Node Fetch Project > Node Fetch > 2.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-16 | CVE-2022-0235 | Information Exposure vulnerability in multiple products node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 6.1 |
| 2020-09-10 | CVE-2020-15168 | Allocation of Resources Without Limits or Throttling vulnerability in Node-Fetch Project Node-Fetch node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. | 5.0 |