search

lquixada / cross-fetch

Universal WHATWG Fetch API for Node, Browsers and React Native.
MIT License
1.66k stars 102 forks source link

Potential security vulnerability #134

Closed ranjit-git closed 2 years ago

ranjit-git commented 2 years ago

A potential security vulnerability has been disclosed for this repo https://huntr.dev/bounties/ab55dfdd-2a60-437a-a832-e3efe3d264ac/ 3 months ago . But i see it still not addressed . Kindly validate the bug

janaagaard75 commented 2 years ago

Do you have another link to the report, where it’s publicly available, @ranjit-git?

lquixada commented 2 years ago

Issue is unclear. This PR will be closed until more info is provided.

ranjit-git commented 2 years ago

@lquixada Plz provide a security email here https://github.com/lquixada/cross-fetch/issues/122 So that team can send vulnerability details

lquixada commented 2 years ago

@ranjit-git a SECURITY.md file has been created! Thanks!