Tag
node-fetch
Safeguard articles tagged "node-fetch" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Security Guides
node-fetch Security Guide (2026)
node-fetch brought the browser fetch API to Node.js and became a near-universal HTTP client — and its two real CVEs, a redirect-based header leak and a size-limit bypass, are exactly the kind of subtle bug that ships to millions of apps.
Jul 8, 20266 min read
Vulnerability Analysis
CVE-2022-0235: node-fetch forwards sensitive headers on r...
CVE-2022-0235: node-fetch forwarded cookie and authorization headers across cross-origin redirects. Affected versions, exploitability context, and remediation steps.
Oct 13, 20258 min read