RSS   Vulnerabilities for 'React-native-fast-image'   RSS

2020-07-17
 
CVE-2020-7696

CWE-200
 

 
This affects all versions of package react-native-fast-image. When an image with source={{uri: "...", headers: { host: "somehost.com", authorization: "..." }} is loaded, all other subsequent images will use the same headers, this can lead to signing credentials or other session tokens being leaked to other servers.

 


Copyright 2024, cxsecurity.com

 

Back to Top