[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-0235":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":1085,"aliases":1095,"duplicate_of":9,"upstream":1097,"downstream":1098,"duplicates":1125,"related":1126,"reserved_at":9,"published_at":1133,"modified_at":1134,"state":1135,"summary":1136,"references_raw":1144,"kevs":1193,"epss":1194,"epss_history":1197,"metrics":1465,"affected":1485},"CVE-2022-0235","node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":16,"abstraction":28,"likelihood_of_exploit":29,"capec":30},"CWE-200","Exposure of Sensitive Information to an Unauthorized Actor","The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.","Class","High",[31,35,219,245,249,253,257,261,265,269,359,363,367,389,393,397,401,405,415,419,423,427,431,435,439,443,447,511,515,541,563,567,571,575,579,583,587,591,595,599,603,607,611,615,619,623,655,659,681,703,749,775,875,879,1004,1041,1051,1061,1081],{"id":32,"name":33,"techniques":34},"CAPEC-116","Excavation",[],{"id":36,"name":37,"techniques":38},"CAPEC-13","Subverting Environment Variable Values",[39,137,179],{"id":40,"name":41,"tactics":42,"countermeasures":49},"T1562.003","Impair Command History Logging",[43,46],{"id":44,"name":45},"TA0030","Defense Evasion",{"id":47,"name":48},"TA0005","Stealth",[50,55,60,64,68,72,77,81,86,91,95,99,104,108,113,117,121,125,129,133],{"id":51,"name":52,"tactic":53},"D3-CI","Configuration Inventory",{"name":54},"Model",{"id":56,"name":57,"tactic":58},"D3-FA","File Analysis",{"name":59},"Detect",{"id":61,"name":62,"tactic":63},"D3-FIM","File Integrity Monitoring",{"name":59},{"id":65,"name":66,"tactic":67},"D3-DA","Dynamic Analysis",{"name":59},{"id":69,"name":70,"tactic":71},"D3-EFA","Emulated File Analysis",{"name":59},{"id":73,"name":74,"tactic":75},"D3-FEV","File Eviction",{"name":76},"Evict",{"id":78,"name":79,"tactic":80},"D3-RKD","Registry Key Deletion",{"name":76},{"id":82,"name":83,"tactic":84},"D3-DF","Decoy File",{"name":85},"Deceive",{"id":87,"name":88,"tactic":89},"D3-DRA","Disable Remote Access",{"name":90},"Harden",{"id":92,"name":93,"tactic":94},"D3-ACH","Application Configuration Hardening",{"name":90},{"id":96,"name":97,"tactic":98},"D3-FE","File Encryption",{"name":90},{"id":100,"name":101,"tactic":102},"D3-RC","Restore Configuration",{"name":103},"Restore",{"id":105,"name":106,"tactic":107},"D3-RF","Restore File",{"name":103},{"id":109,"name":110,"tactic":111},"D3-CQ","Content Quarantine",{"name":112},"Isolate",{"id":114,"name":115,"tactic":116},"D3-CF","Content Filtering",{"name":112},{"id":118,"name":119,"tactic":120},"D3-LFP","Local File Permissions",{"name":112},{"id":122,"name":123,"tactic":124},"D3-RFAM","Remote File Access Mediation",{"name":112},{"id":126,"name":127,"tactic":128},"D3-CM","Content Modification",{"name":112},{"id":130,"name":131,"tactic":132},"D3-EAL","Executable Allowlisting",{"name":112},{"id":134,"name":135,"tactic":136},"D3-EDL","Executable Denylisting",{"name":112},{"id":138,"name":139,"tactics":140,"countermeasures":152},"T1574.006","Dynamic Linker Hijacking",[141,144,147,148,149],{"id":142,"name":143},"TA0110","Persistence",{"id":145,"name":146},"TA0111","Privilege Escalation",{"id":44,"name":45},{"id":47,"name":48},{"id":150,"name":151},"TA0104","Execution",[153,157,159,161,163,165,167,169,171,173,175,177],{"id":154,"name":155,"tactic":156},"D3-SFA","System File Analysis",{"name":59},{"id":56,"name":57,"tactic":158},{"name":59},{"id":61,"name":62,"tactic":160},{"name":59},{"id":73,"name":74,"tactic":162},{"name":76},{"id":82,"name":83,"tactic":164},{"name":85},{"id":96,"name":97,"tactic":166},{"name":90},{"id":105,"name":106,"tactic":168},{"name":103},{"id":114,"name":115,"tactic":170},{"name":112},{"id":118,"name":119,"tactic":172},{"name":112},{"id":122,"name":123,"tactic":174},{"name":112},{"id":109,"name":110,"tactic":176},{"name":112},{"id":126,"name":127,"tactic":178},{"name":112},{"id":180,"name":181,"tactics":182,"countermeasures":188},"T1574.007","Path Interception by PATH Environment Variable",[183,184,185,186,187],{"id":142,"name":143},{"id":145,"name":146},{"id":44,"name":45},{"id":47,"name":48},{"id":150,"name":151},[189,191,193,195,197,199,201,203,205,207,209,211,213,215,217],{"id":56,"name":57,"tactic":190},{"name":59},{"id":61,"name":62,"tactic":192},{"name":59},{"id":65,"name":66,"tactic":194},{"name":59},{"id":69,"name":70,"tactic":196},{"name":59},{"id":73,"name":74,"tactic":198},{"name":76},{"id":82,"name":83,"tactic":200},{"name":85},{"id":96,"name":97,"tactic":202},{"name":90},{"id":105,"name":106,"tactic":204},{"name":103},{"id":114,"name":115,"tactic":206},{"name":112},{"id":118,"name":119,"tactic":208},{"name":112},{"id":122,"name":123,"tactic":210},{"name":112},{"id":109,"name":110,"tactic":212},{"name":112},{"id":126,"name":127,"tactic":214},{"name":112},{"id":130,"name":131,"tactic":216},{"name":112},{"id":134,"name":135,"tactic":218},{"name":112},{"id":220,"name":221,"techniques":222},"CAPEC-169","Footprinting",[223,231,239],{"id":224,"name":225,"tactics":226,"countermeasures":230},"T1217","Browser Information Discovery",[227],{"id":228,"name":229},"TA0102","Discovery",[],{"id":232,"name":233,"tactics":234,"countermeasures":238},"T1592","Gather Victim Host Information",[235],{"id":236,"name":237},"TA0043","Reconnaissance",[],{"id":240,"name":241,"tactics":242,"countermeasures":244},"T1595","Active Scanning",[243],{"id":236,"name":237},[],{"id":246,"name":247,"techniques":248},"CAPEC-22","Exploiting Trust in Client",[],{"id":250,"name":251,"techniques":252},"CAPEC-224","Fingerprinting",[],{"id":254,"name":255,"techniques":256},"CAPEC-285","ICMP Echo Request Ping",[],{"id":258,"name":259,"techniques":260},"CAPEC-287","TCP SYN Scan",[],{"id":262,"name":263,"techniques":264},"CAPEC-290","Enumerate Mail Exchange (MX) Records",[],{"id":266,"name":267,"techniques":268},"CAPEC-291","DNS Zone Transfers",[],{"id":270,"name":271,"techniques":272},"CAPEC-292","Host Discovery",[273],{"id":274,"name":275,"tactics":276,"countermeasures":278},"T1018","Remote System Discovery",[277],{"id":228,"name":229},[279,283,285,287,289,293,297,301,305,309,313,317,321,325,327,329,331,333,337,339,341,343,345,347,351,353,355],{"id":280,"name":281,"tactic":282},"D3-SCA","System Call Analysis",{"name":59},{"id":154,"name":155,"tactic":284},{"name":59},{"id":56,"name":57,"tactic":286},{"name":59},{"id":61,"name":62,"tactic":288},{"name":59},{"id":290,"name":291,"tactic":292},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":59},{"id":294,"name":295,"tactic":296},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":59},{"id":298,"name":299,"tactic":300},"D3-CSPP","Client-server Payload Profiling",{"name":59},{"id":302,"name":303,"tactic":304},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":59},{"id":306,"name":307,"tactic":308},"D3-NTSA","Network Traffic Signature Analysis",{"name":59},{"id":310,"name":311,"tactic":312},"D3-APCA","Application Protocol Command Analysis",{"name":59},{"id":314,"name":315,"tactic":316},"D3-NTCD","Network Traffic Community Deviation",{"name":59},{"id":318,"name":319,"tactic":320},"D3-RTSD","Remote Terminal Session Detection",{"name":59},{"id":322,"name":323,"tactic":324},"D3-PSA","Process Spawn Analysis",{"name":59},{"id":73,"name":74,"tactic":326},{"name":76},{"id":82,"name":83,"tactic":328},{"name":85},{"id":96,"name":97,"tactic":330},{"name":90},{"id":105,"name":106,"tactic":332},{"name":103},{"id":334,"name":335,"tactic":336},"D3-SCF","System Call Filtering",{"name":112},{"id":114,"name":115,"tactic":338},{"name":112},{"id":118,"name":119,"tactic":340},{"name":112},{"id":122,"name":123,"tactic":342},{"name":112},{"id":109,"name":110,"tactic":344},{"name":112},{"id":126,"name":127,"tactic":346},{"name":112},{"id":348,"name":349,"tactic":350},"D3-NTF","Network Traffic Filtering",{"name":112},{"id":130,"name":131,"tactic":352},{"name":112},{"id":134,"name":135,"tactic":354},{"name":112},{"id":356,"name":357,"tactic":358},"D3-HBPI","Hardware-based Process Isolation",{"name":112},{"id":360,"name":361,"techniques":362},"CAPEC-293","Traceroute Route Enumeration",[],{"id":364,"name":365,"techniques":366},"CAPEC-294","ICMP Address Mask Request",[],{"id":368,"name":369,"techniques":370},"CAPEC-295","Timestamp Request",[371],{"id":372,"name":373,"tactics":374,"countermeasures":376},"T1124","System Time Discovery",[375],{"id":228,"name":229},[377,379,381,383,385,387],{"id":280,"name":281,"tactic":378},{"name":59},{"id":322,"name":323,"tactic":380},{"name":59},{"id":334,"name":335,"tactic":382},{"name":112},{"id":130,"name":131,"tactic":384},{"name":112},{"id":134,"name":135,"tactic":386},{"name":112},{"id":356,"name":357,"tactic":388},{"name":112},{"id":390,"name":391,"techniques":392},"CAPEC-296","ICMP Information Request",[],{"id":394,"name":395,"techniques":396},"CAPEC-297","TCP ACK Ping",[],{"id":398,"name":399,"techniques":400},"CAPEC-298","UDP Ping",[],{"id":402,"name":403,"techniques":404},"CAPEC-299","TCP SYN Ping",[],{"id":406,"name":407,"techniques":408},"CAPEC-300","Port Scanning",[409],{"id":410,"name":411,"tactics":412,"countermeasures":414},"T1046","Network Service Discovery",[413],{"id":228,"name":229},[],{"id":416,"name":417,"techniques":418},"CAPEC-301","TCP Connect Scan",[],{"id":420,"name":421,"techniques":422},"CAPEC-302","TCP FIN Scan",[],{"id":424,"name":425,"techniques":426},"CAPEC-303","TCP Xmas Scan",[],{"id":428,"name":429,"techniques":430},"CAPEC-304","TCP Null Scan",[],{"id":432,"name":433,"techniques":434},"CAPEC-305","TCP ACK Scan",[],{"id":436,"name":437,"techniques":438},"CAPEC-306","TCP Window Scan",[],{"id":440,"name":441,"techniques":442},"CAPEC-307","TCP RPC Scan",[],{"id":444,"name":445,"techniques":446},"CAPEC-308","UDP Scan",[],{"id":448,"name":449,"techniques":450},"CAPEC-309","Network Topology Mapping",[451,495,505],{"id":452,"name":453,"tactics":454,"countermeasures":456},"T1016","System Network Configuration Discovery",[455],{"id":228,"name":229},[457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493],{"id":56,"name":57,"tactic":458},{"name":59},{"id":61,"name":62,"tactic":460},{"name":59},{"id":65,"name":66,"tactic":462},{"name":59},{"id":69,"name":70,"tactic":464},{"name":59},{"id":280,"name":281,"tactic":466},{"name":59},{"id":322,"name":323,"tactic":468},{"name":59},{"id":73,"name":74,"tactic":470},{"name":76},{"id":82,"name":83,"tactic":472},{"name":85},{"id":96,"name":97,"tactic":474},{"name":90},{"id":105,"name":106,"tactic":476},{"name":103},{"id":114,"name":115,"tactic":478},{"name":112},{"id":118,"name":119,"tactic":480},{"name":112},{"id":122,"name":123,"tactic":482},{"name":112},{"id":109,"name":110,"tactic":484},{"name":112},{"id":126,"name":127,"tactic":486},{"name":112},{"id":130,"name":131,"tactic":488},{"name":112},{"id":134,"name":135,"tactic":490},{"name":112},{"id":334,"name":335,"tactic":492},{"name":112},{"id":356,"name":357,"tactic":494},{"name":112},{"id":496,"name":497,"tactics":498,"countermeasures":500},"T1049","System Network Connections Discovery",[499],{"id":228,"name":229},[501,503],{"id":280,"name":281,"tactic":502},{"name":59},{"id":334,"name":335,"tactic":504},{"name":112},{"id":506,"name":507,"tactics":508,"countermeasures":510},"T1590","Gather Victim Network Information",[509],{"id":236,"name":237},[],{"id":512,"name":513,"techniques":514},"CAPEC-310","Scanning for Vulnerable Software",[],{"id":516,"name":517,"techniques":518},"CAPEC-312","Active OS Fingerprinting",[519],{"id":520,"name":521,"tactics":522,"countermeasures":524},"T1082","System Information Discovery",[523],{"id":228,"name":229},[525,527,529,533,535,537,539],{"id":280,"name":281,"tactic":526},{"name":59},{"id":322,"name":323,"tactic":528},{"name":59},{"id":530,"name":531,"tactic":532},"D3-DE","Decoy Environment",{"name":85},{"id":334,"name":335,"tactic":534},{"name":112},{"id":130,"name":131,"tactic":536},{"name":112},{"id":134,"name":135,"tactic":538},{"name":112},{"id":356,"name":357,"tactic":540},{"name":112},{"id":542,"name":543,"techniques":544},"CAPEC-313","Passive OS Fingerprinting",[545],{"id":520,"name":521,"tactics":546,"countermeasures":548},[547],{"id":228,"name":229},[549,551,553,555,557,559,561],{"id":280,"name":281,"tactic":550},{"name":59},{"id":322,"name":323,"tactic":552},{"name":59},{"id":530,"name":531,"tactic":554},{"name":85},{"id":334,"name":335,"tactic":556},{"name":112},{"id":130,"name":131,"tactic":558},{"name":112},{"id":134,"name":135,"tactic":560},{"name":112},{"id":356,"name":357,"tactic":562},{"name":112},{"id":564,"name":565,"techniques":566},"CAPEC-317","IP ID Sequencing Probe",[],{"id":568,"name":569,"techniques":570},"CAPEC-318","IP 'ID' Echoed Byte-Order Probe",[],{"id":572,"name":573,"techniques":574},"CAPEC-319","IP (DF) 'Don't Fragment Bit' Echoing Probe",[],{"id":576,"name":577,"techniques":578},"CAPEC-320","TCP Timestamp Probe",[],{"id":580,"name":581,"techniques":582},"CAPEC-321","TCP Sequence Number Probe",[],{"id":584,"name":585,"techniques":586},"CAPEC-322","TCP (ISN) Greatest Common Divisor Probe",[],{"id":588,"name":589,"techniques":590},"CAPEC-323","TCP (ISN) Counter Rate Probe",[],{"id":592,"name":593,"techniques":594},"CAPEC-324","TCP (ISN) Sequence Predictability Probe",[],{"id":596,"name":597,"techniques":598},"CAPEC-325","TCP Congestion Control Flag (ECN) Probe",[],{"id":600,"name":601,"techniques":602},"CAPEC-326","TCP Initial Window Size Probe",[],{"id":604,"name":605,"techniques":606},"CAPEC-327","TCP Options Probe",[],{"id":608,"name":609,"techniques":610},"CAPEC-328","TCP 'RST' Flag Checksum Probe",[],{"id":612,"name":613,"techniques":614},"CAPEC-329","ICMP Error Message Quoting Probe",[],{"id":616,"name":617,"techniques":618},"CAPEC-330","ICMP Error Message Echoing Integrity Probe",[],{"id":620,"name":621,"techniques":622},"CAPEC-472","Browser Fingerprinting",[],{"id":624,"name":625,"techniques":626},"CAPEC-497","File Discovery",[627],{"id":628,"name":629,"tactics":630,"countermeasures":632},"T1083","File and Directory Discovery",[631],{"id":228,"name":229},[633,635,637,639,641,643,645,647,649,651,653],{"id":56,"name":57,"tactic":634},{"name":59},{"id":61,"name":62,"tactic":636},{"name":59},{"id":73,"name":74,"tactic":638},{"name":76},{"id":82,"name":83,"tactic":640},{"name":85},{"id":96,"name":97,"tactic":642},{"name":90},{"id":105,"name":106,"tactic":644},{"name":103},{"id":118,"name":119,"tactic":646},{"name":112},{"id":114,"name":115,"tactic":648},{"name":112},{"id":122,"name":123,"tactic":650},{"name":112},{"id":109,"name":110,"tactic":652},{"name":112},{"id":126,"name":127,"tactic":654},{"name":112},{"id":656,"name":657,"techniques":658},"CAPEC-508","Shoulder Surfing",[],{"id":660,"name":661,"techniques":662},"CAPEC-573","Process Footprinting",[663],{"id":664,"name":665,"tactics":666,"countermeasures":668},"T1057","Process Discovery",[667],{"id":228,"name":229},[669,671,673,675,677,679],{"id":280,"name":281,"tactic":670},{"name":59},{"id":322,"name":323,"tactic":672},{"name":59},{"id":334,"name":335,"tactic":674},{"name":112},{"id":130,"name":131,"tactic":676},{"name":112},{"id":134,"name":135,"tactic":678},{"name":112},{"id":356,"name":357,"tactic":680},{"name":112},{"id":682,"name":683,"techniques":684},"CAPEC-574","Services Footprinting",[685],{"id":686,"name":687,"tactics":688,"countermeasures":690},"T1007","System Service Discovery",[689],{"id":228,"name":229},[691,693,695,697,699,701],{"id":280,"name":281,"tactic":692},{"name":59},{"id":322,"name":323,"tactic":694},{"name":59},{"id":334,"name":335,"tactic":696},{"name":112},{"id":130,"name":131,"tactic":698},{"name":112},{"id":134,"name":135,"tactic":700},{"name":112},{"id":356,"name":357,"tactic":702},{"name":112},{"id":704,"name":705,"techniques":706},"CAPEC-575","Account Footprinting",[707],{"id":708,"name":709,"tactics":710,"countermeasures":712},"T1087","Account Discovery",[711],{"id":228,"name":229},[713,717,721,725,729,733,737,741,745],{"id":714,"name":715,"tactic":716},"D3-AM","Access Modeling",{"name":54},{"id":718,"name":719,"tactic":720},"D3-LAM","Local Account Monitoring",{"name":59},{"id":722,"name":723,"tactic":724},"D3-DAM","Domain Account Monitoring",{"name":59},{"id":726,"name":727,"tactic":728},"D3-AL","Account Locking",{"name":76},{"id":730,"name":731,"tactic":732},"D3-AA","Agent Authentication",{"name":90},{"id":734,"name":735,"tactic":736},"D3-CDP","Change Default Password",{"name":90},{"id":738,"name":739,"tactic":740},"D3-ULA","Unlock Account",{"name":103},{"id":742,"name":743,"tactic":744},"D3-RUAA","Restore User Account Access",{"name":103},{"id":746,"name":747,"tactic":748},"D3-UAP","User Account Permissions",{"name":112},{"id":750,"name":751,"techniques":752},"CAPEC-576","Group Permission Footprinting",[753,759],{"id":754,"name":755,"tactics":756,"countermeasures":758},"T1069","Permission Groups Discovery",[757],{"id":228,"name":229},[],{"id":760,"name":761,"tactics":762,"countermeasures":764},"T1615","Group Policy Discovery",[763],{"id":228,"name":229},[765,767,771,773],{"id":51,"name":52,"tactic":766},{"name":54},{"id":768,"name":769,"tactic":770},"D3-NTPM","Network Traffic Policy Mapping",{"name":54},{"id":714,"name":715,"tactic":772},{"name":54},{"id":100,"name":101,"tactic":774},{"name":103},{"id":776,"name":777,"techniques":778},"CAPEC-577","Owner Footprinting",[779],{"id":780,"name":781,"tactics":782,"countermeasures":784},"T1033","System Owner/User Discovery",[783],{"id":228,"name":229},[785,789,791,793,795,799,803,805,807,811,815,819,823,825,827,831,835,837,841,843,845,847,849,851,853,857,859,863,867,871,873],{"id":786,"name":787,"tactic":788},"D3-DI","Data Inventory",{"name":54},{"id":56,"name":57,"tactic":790},{"name":59},{"id":61,"name":62,"tactic":792},{"name":59},{"id":280,"name":281,"tactic":794},{"name":59},{"id":796,"name":797,"tactic":798},"D3-PLA","Process Lineage Analysis",{"name":59},{"id":800,"name":801,"tactic":802},"D3-PSMD","Process Self-Modification Detection",{"name":59},{"id":322,"name":323,"tactic":804},{"name":59},{"id":73,"name":74,"tactic":806},{"name":76},{"id":808,"name":809,"tactic":810},"D3-PT","Process Termination",{"name":76},{"id":812,"name":813,"tactic":814},"D3-PS","Process Suspension",{"name":76},{"id":816,"name":817,"tactic":818},"D3-HR","Host Reboot",{"name":76},{"id":820,"name":821,"tactic":822},"D3-HS","Host Shutdown",{"name":76},{"id":82,"name":83,"tactic":824},{"name":85},{"id":96,"name":97,"tactic":826},{"name":90},{"id":828,"name":829,"tactic":830},"D3-PSEP","Process Segment Execution Prevention",{"name":90},{"id":832,"name":833,"tactic":834},"D3-SAOR","Segment Address Offset Randomization",{"name":90},{"id":105,"name":106,"tactic":836},{"name":103},{"id":838,"name":839,"tactic":840},"D3-RD","Restore Database",{"name":103},{"id":114,"name":115,"tactic":842},{"name":112},{"id":118,"name":119,"tactic":844},{"name":112},{"id":122,"name":123,"tactic":846},{"name":112},{"id":109,"name":110,"tactic":848},{"name":112},{"id":126,"name":127,"tactic":850},{"name":112},{"id":334,"name":335,"tactic":852},{"name":112},{"id":854,"name":855,"tactic":856},"D3-KBPI","Kernel-based Process Isolation",{"name":112},{"id":356,"name":357,"tactic":858},{"name":112},{"id":860,"name":861,"tactic":862},"D3-ABPI","Application-based Process Isolation",{"name":112},{"id":864,"name":865,"tactic":866},"D3-WSAM","Web Session Access Mediation",{"name":112},{"id":868,"name":869,"tactic":870},"D3-DTP","Domain Trust Policy",{"name":112},{"id":130,"name":131,"tactic":872},{"name":112},{"id":134,"name":135,"tactic":874},{"name":112},{"id":876,"name":877,"techniques":878},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":880,"name":881,"techniques":882},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[883,935],{"id":884,"name":885,"tactics":886,"countermeasures":890},"T1134.001","Token Impersonation/Theft",[887,888,889],{"id":44,"name":45},{"id":47,"name":48},{"id":145,"name":146},[891,895,899,903,907,911,915,919,923,927,931],{"id":892,"name":893,"tactic":894},"D3-CCSA","Credential Compromise Scope Analysis",{"name":59},{"id":896,"name":897,"tactic":898},"D3-CR","Credential Revocation",{"name":76},{"id":900,"name":901,"tactic":902},"D3-ANCI","Authentication Cache Invalidation",{"name":76},{"id":904,"name":905,"tactic":906},"D3-DUC","Decoy User Credential",{"name":85},{"id":908,"name":909,"tactic":910},"D3-CH","Credential Hardening",{"name":90},{"id":912,"name":913,"tactic":914},"D3-MFA","Multi-factor Authentication",{"name":90},{"id":916,"name":917,"tactic":918},"D3-CRO","Credential Rotation",{"name":90},{"id":920,"name":921,"tactic":922},"D3-TB","Token Binding",{"name":90},{"id":924,"name":925,"tactic":926},"D3-TBA","Token-based Authentication",{"name":90},{"id":928,"name":929,"tactic":930},"D3-RIC","Reissue Credential",{"name":103},{"id":932,"name":933,"tactic":934},"D3-CTS","Credential Transmission Scoping",{"name":112},{"id":936,"name":937,"tactics":938,"countermeasures":943},"T1550.004","Web Session Cookie",[939,940],{"id":44,"name":45},{"id":941,"name":942},"TA0109","Lateral Movement",[944,946,948,950,952,954,956,958,960,962,964,966,968,970,972,974,976,978,980,982,984,986,988,990,992,994,996,998,1000,1002],{"id":290,"name":291,"tactic":945},{"name":59},{"id":294,"name":295,"tactic":947},{"name":59},{"id":298,"name":299,"tactic":949},{"name":59},{"id":302,"name":303,"tactic":951},{"name":59},{"id":306,"name":307,"tactic":953},{"name":59},{"id":310,"name":311,"tactic":955},{"name":59},{"id":314,"name":315,"tactic":957},{"name":59},{"id":318,"name":319,"tactic":959},{"name":59},{"id":796,"name":797,"tactic":961},{"name":59},{"id":800,"name":801,"tactic":963},{"name":59},{"id":322,"name":323,"tactic":965},{"name":59},{"id":892,"name":893,"tactic":967},{"name":59},{"id":808,"name":809,"tactic":969},{"name":76},{"id":812,"name":813,"tactic":971},{"name":76},{"id":816,"name":817,"tactic":973},{"name":76},{"id":820,"name":821,"tactic":975},{"name":76},{"id":896,"name":897,"tactic":977},{"name":76},{"id":900,"name":901,"tactic":979},{"name":76},{"id":904,"name":905,"tactic":981},{"name":85},{"id":908,"name":909,"tactic":983},{"name":90},{"id":912,"name":913,"tactic":985},{"name":90},{"id":916,"name":917,"tactic":987},{"name":90},{"id":928,"name":929,"tactic":989},{"name":103},{"id":348,"name":349,"tactic":991},{"name":112},{"id":854,"name":855,"tactic":993},{"name":112},{"id":334,"name":335,"tactic":995},{"name":112},{"id":356,"name":357,"tactic":997},{"name":112},{"id":860,"name":861,"tactic":999},{"name":112},{"id":864,"name":865,"tactic":1001},{"name":112},{"id":932,"name":933,"tactic":1003},{"name":112},{"id":1005,"name":1006,"techniques":1007},"CAPEC-616","Establish Rogue Location",[1008],{"id":1009,"name":1010,"tactics":1011,"countermeasures":1014},"T1036.005","Match Legitimate Resource Name or Location",[1012,1013],{"id":44,"name":45},{"id":47,"name":48},[1015,1017,1019,1021,1023,1025,1027,1029,1031,1033,1035,1037,1039],{"id":280,"name":281,"tactic":1016},{"name":59},{"id":56,"name":57,"tactic":1018},{"name":59},{"id":61,"name":62,"tactic":1020},{"name":59},{"id":73,"name":74,"tactic":1022},{"name":76},{"id":82,"name":83,"tactic":1024},{"name":85},{"id":96,"name":97,"tactic":1026},{"name":90},{"id":105,"name":106,"tactic":1028},{"name":103},{"id":334,"name":335,"tactic":1030},{"name":112},{"id":114,"name":115,"tactic":1032},{"name":112},{"id":118,"name":119,"tactic":1034},{"name":112},{"id":122,"name":123,"tactic":1036},{"name":112},{"id":109,"name":110,"tactic":1038},{"name":112},{"id":126,"name":127,"tactic":1040},{"name":112},{"id":1042,"name":1043,"techniques":1044},"CAPEC-643","Identify Shared Files/Directories on System",[1045],{"id":1046,"name":1047,"tactics":1048,"countermeasures":1050},"T1135","Network Share Discovery",[1049],{"id":228,"name":229},[],{"id":1052,"name":1053,"techniques":1054},"CAPEC-646","Peripheral Footprinting",[1055],{"id":1056,"name":1057,"tactics":1058,"countermeasures":1060},"T1120","Peripheral Device Discovery",[1059],{"id":228,"name":229},[],{"id":1062,"name":1063,"techniques":1064},"CAPEC-651","Eavesdropping",[1065],{"id":1066,"name":1067,"tactics":1068,"countermeasures":1072},"T1111","Multi-Factor Authentication Interception",[1069],{"id":1070,"name":1071},"TA0031","Credential Access",[1073,1077],{"id":1074,"name":1075,"tactic":1076},"D3-HCI","Hardware Component Inventory",{"name":54},{"id":1078,"name":1079,"tactic":1080},"D3-RH","Radiation Hardening",{"name":90},{"id":1082,"name":1083,"techniques":1084},"CAPEC-79","Using Slashes in Alternate Encoding",[],[1086],{"_key":1087,"name":1088,"source":1089,"url":1090,"maturity":1091,"reliability_score":1092,"verified":1093,"type":9,"platforms":1094,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_FD88B9A62426E9E2","Exploit Reference (huntr.dev)","reference","https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7","unknown",0.2,false,[],[1096],"GHSA-r683-j2x4-v87g",[],[1099,1101,1103,1105,1107,1109,1111,1113,1115,1117,1119,1121,1123],{"_key":1100},"SUSE-SU-2022:1461-1",{"_key":1102},"SUSE-SU-2022:1459-1",{"_key":1104},"SUSE-SU-2022:1466-1",{"_key":1106},"UBUNTU-CVE-2022-0235",{"_key":1108},"USN-6158-1",{"_key":1110},"SUSE-SU-2022:1462-1",{"_key":1112},"SUSE-SU-2022:1694-1",{"_key":1114},"SUSE-SU-2022:1717-1",{"_key":1116},"DLA-3222-1",{"_key":1118},"DEBIAN-CVE-2022-0235",{"_key":1120},"RHSA-2023:0050",{"_key":1122},"RHSA-2023:0612",{"_key":1124},"RHSA-2023:1742",[],[1127,1128,1129,1130,1131,1132],{"_key":1100},{"_key":1102},{"_key":1104},{"_key":1110},{"_key":1112},{"_key":1114},"2022-01-16T00:00:00.000Z","2024-08-02T23:18:42.930Z","Modified",{"cisa_kev":1093,"cisa_ransomware":1093,"cisa_vendor":9,"epss_severity":1137,"epss_score":1138,"severity":1139,"severity_score":1140,"severity_version":1141,"severity_source":1142,"severity_vector":1143,"severity_status":1135},"low",0.0029,"high",8.8,"v3.0","cve.org","CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[1145,1153,1158,1162,1167,1172,1176,1180,1184,1188],{"url":1090,"sources":1146,"tags":1149},[1142,1147,1148],"nvd","osv_npm",[1150,1151,1152],"Exploit","Third Party Advisory","WEB",{"url":1154,"sources":1155,"tags":1156},"https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10",[1142,1147,1148],[1157,1151,1152],"Patch",{"url":1159,"sources":1160,"tags":1161},"https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",[1142,1147,1148],[1157,1151,1152],{"url":1163,"sources":1164,"tags":1165},"https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html",[1142,1147,1148],[1166,1151,1152],"Mailing List",{"url":1168,"sources":1169,"tags":1170},"https://nvd.nist.gov/vuln/detail/CVE-2022-0235",[1148],[1171],"Advisory",{"url":1173,"sources":1174,"tags":1175},"https://github.com/node-fetch/node-fetch/pull/1449/commits/5c32f002fdd65b1c6a8f1e3620210813d45c7e60",[1148],[1152],{"url":1177,"sources":1178,"tags":1179},"https://github.com/node-fetch/node-fetch/pull/1453",[1148],[1152],{"url":1181,"sources":1182,"tags":1183},"https://github.com/node-fetch/node-fetch/commit/1ef4b560a17e644a02a3bfdea7631ffeee578b35",[1148],[1152],{"url":1185,"sources":1186,"tags":1187},"https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60",[1148],[1152],{"url":1189,"sources":1190,"tags":1191},"https://github.com/node-fetch/node-fetch",[1148],[1192],"PACKAGE",[],{"date":1195,"score":1138,"percentile":1196},"2026-06-04",0.52642,[1198,1202,1205,1208,1211,1214,1217,1220,1222,1225,1228,1231,1234,1236,1239,1243,1246,1249,1252,1255,1257,1260,1262,1265,1267,1270,1273,1276,1280,1283,1286,1288,1291,1294,1297,1299,1302,1305,1308,1311,1314,1317,1319,1322,1325,1328,1331,1334,1337,1340,1342,1345,1348,1351,1355,1358,1361,1364,1367,1371,1374,1377,1381,1384,1387,1390,1393,1396,1399,1402,1405,1408,1411,1414,1417,1420,1423,1426,1428,1431,1434,1437,1440,1443,1446,1449,1452,1455,1458,1461],{"date":1199,"score":1200,"percentile":1201},"2025-11-04",0.00512,0.65614,{"date":1203,"score":1200,"percentile":1204},"2025-11-05",0.65592,{"date":1206,"score":1200,"percentile":1207},"2025-11-06",0.65589,{"date":1209,"score":1200,"percentile":1210},"2025-11-07",0.65599,{"date":1212,"score":1200,"percentile":1213},"2025-11-08",0.65598,{"date":1215,"score":1200,"percentile":1216},"2025-11-09",0.65587,{"date":1218,"score":1200,"percentile":1219},"2025-11-10",0.65578,{"date":1221,"score":1200,"percentile":1216},"2025-11-11",{"date":1223,"score":1200,"percentile":1224},"2025-11-12",0.65609,{"date":1226,"score":1200,"percentile":1227},"2025-11-13",0.65617,{"date":1229,"score":1200,"percentile":1230},"2025-11-14",0.65626,{"date":1232,"score":1200,"percentile":1233},"2025-11-15",0.65623,{"date":1235,"score":1200,"percentile":1227},"2025-11-16",{"date":1237,"score":1200,"percentile":1238},"2025-11-17",0.65618,{"date":1240,"score":1241,"percentile":1242},"2025-11-18",0.00368,0.55872,{"date":1244,"score":1241,"percentile":1245},"2025-11-19",0.55887,{"date":1247,"score":1241,"percentile":1248},"2025-11-20",0.55878,{"date":1250,"score":1200,"percentile":1251},"2025-11-21",0.65635,{"date":1253,"score":1200,"percentile":1254},"2025-11-22",0.65639,{"date":1256,"score":1200,"percentile":1230},"2025-11-23",{"date":1258,"score":1200,"percentile":1259},"2025-11-24",0.65611,{"date":1261,"score":1200,"percentile":1201},"2025-11-25",{"date":1263,"score":1200,"percentile":1264},"2025-11-26",0.65621,{"date":1266,"score":1200,"percentile":1230},"2025-11-27",{"date":1268,"score":1200,"percentile":1269},"2025-11-28",0.6561,{"date":1271,"score":1200,"percentile":1272},"2025-11-29",0.65591,{"date":1274,"score":1200,"percentile":1275},"2025-11-30",0.65586,{"date":1277,"score":1278,"percentile":1279},"2025-12-01",0.0032,0.54574,{"date":1281,"score":1278,"percentile":1282},"2025-12-02",0.5459,{"date":1284,"score":1278,"percentile":1285},"2025-12-03",0.54583,{"date":1287,"score":1200,"percentile":1216},"2025-12-04",{"date":1289,"score":1200,"percentile":1290},"2025-12-05",0.65601,{"date":1292,"score":1200,"percentile":1293},"2025-12-06",0.65607,{"date":1295,"score":1200,"percentile":1296},"2025-12-07",0.65604,{"date":1298,"score":1200,"percentile":1269},"2025-12-08",{"date":1300,"score":1200,"percentile":1301},"2025-12-09",0.6564,{"date":1303,"score":1200,"percentile":1304},"2025-12-10",0.65688,{"date":1306,"score":1200,"percentile":1307},"2025-12-11",0.65708,{"date":1309,"score":1200,"percentile":1310},"2025-12-12",0.65731,{"date":1312,"score":1200,"percentile":1313},"2025-12-13",0.65734,{"date":1315,"score":1200,"percentile":1316},"2025-12-14",0.65735,{"date":1318,"score":1200,"percentile":1310},"2025-12-15",{"date":1320,"score":1200,"percentile":1321},"2025-12-16",0.65746,{"date":1323,"score":1200,"percentile":1324},"2025-12-17",0.65762,{"date":1326,"score":1200,"percentile":1327},"2025-12-18",0.65801,{"date":1329,"score":1200,"percentile":1330},"2025-12-19",0.65815,{"date":1332,"score":1200,"percentile":1333},"2025-12-20",0.65812,{"date":1335,"score":1200,"percentile":1336},"2025-12-21",0.65805,{"date":1338,"score":1200,"percentile":1339},"2025-12-22",0.658,{"date":1341,"score":1200,"percentile":1327},"2025-12-23",{"date":1343,"score":1200,"percentile":1344},"2025-12-24",0.6581,{"date":1346,"score":1200,"percentile":1347},"2025-12-25",0.65837,{"date":1349,"score":1200,"percentile":1350},"2025-12-26",0.65836,{"date":1352,"score":1353,"percentile":1354},"2025-12-27",0.00477,0.64342,{"date":1356,"score":1353,"percentile":1357},"2025-12-28",0.64269,{"date":1359,"score":1353,"percentile":1360},"2025-12-29",0.64258,{"date":1362,"score":1353,"percentile":1363},"2025-12-30",0.64275,{"date":1365,"score":1353,"percentile":1366},"2025-12-31",0.64299,{"date":1368,"score":1369,"percentile":1370},"2026-01-01",0.00303,0.53333,{"date":1372,"score":1369,"percentile":1373},"2026-01-02",0.53309,{"date":1375,"score":1369,"percentile":1376},"2026-01-03",0.53303,{"date":1378,"score":1379,"percentile":1380},"2026-01-04",0.00647,0.70176,{"date":1382,"score":1379,"percentile":1383},"2026-01-05",0.70168,{"date":1385,"score":1379,"percentile":1386},"2026-01-06",0.70173,{"date":1388,"score":1379,"percentile":1389},"2026-01-07",0.70188,{"date":1391,"score":1379,"percentile":1392},"2026-01-08",0.70204,{"date":1394,"score":1379,"percentile":1395},"2026-01-09",0.70209,{"date":1397,"score":1379,"percentile":1398},"2026-01-10",0.7021,{"date":1400,"score":1379,"percentile":1401},"2026-01-11",0.70203,{"date":1403,"score":1379,"percentile":1404},"2026-01-12",0.70197,{"date":1406,"score":1379,"percentile":1407},"2026-01-13",0.70194,{"date":1409,"score":1379,"percentile":1410},"2026-01-14",0.70222,{"date":1412,"score":1379,"percentile":1413},"2026-01-15",0.70228,{"date":1415,"score":1379,"percentile":1416},"2026-01-16",0.70247,{"date":1418,"score":1379,"percentile":1419},"2026-01-17",0.70239,{"date":1421,"score":1379,"percentile":1422},"2026-01-18",0.70219,{"date":1424,"score":1379,"percentile":1425},"2026-01-19",0.70211,{"date":1427,"score":1379,"percentile":1422},"2026-01-20",{"date":1429,"score":1379,"percentile":1430},"2026-01-21",0.70223,{"date":1432,"score":1379,"percentile":1433},"2026-01-22",0.70235,{"date":1435,"score":1379,"percentile":1436},"2026-01-23",0.70267,{"date":1438,"score":1379,"percentile":1439},"2026-01-24",0.70272,{"date":1441,"score":1379,"percentile":1442},"2026-01-25",0.70243,{"date":1444,"score":1379,"percentile":1445},"2026-01-26",0.70238,{"date":1447,"score":1379,"percentile":1448},"2026-01-27",0.70241,{"date":1450,"score":1379,"percentile":1451},"2026-01-28",0.70256,{"date":1453,"score":1379,"percentile":1454},"2026-01-29",0.70255,{"date":1456,"score":1379,"percentile":1457},"2026-01-30",0.70265,{"date":1459,"score":1379,"percentile":1460},"2026-01-31",0.7027,{"date":1462,"score":1463,"percentile":1464},"2026-02-01",0.00411,0.61013,[1466,1471,1483],{"source":1142,"cvss_v2_0":9,"cvss_v3_0":1467,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1140,"baseSeverity":1468,"vectorString":1143,"impactScore":1469,"exploitabilityScore":1470},"HIGH",9.8,7.2,{"source":1147,"cvss_v2_0":1472,"cvss_v3_0":1477,"cvss_v3_1":1478,"cvss_v4_0":9},{"baseScore":1473,"baseSeverity":9,"vectorString":1474,"impactScore":1475,"exploitabilityScore":1476},5.8,"AV:N/AC:M/Au:N/C:P/I:P/A:N",4.9,8.6,{"baseScore":1140,"baseSeverity":1468,"vectorString":1143,"impactScore":1469,"exploitabilityScore":1470},{"baseScore":1479,"baseSeverity":1480,"vectorString":1481,"impactScore":1482,"exploitabilityScore":1470},6.1,"MEDIUM","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",4.5,{"source":1148,"cvss_v2_0":9,"cvss_v3_0":1484,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1140,"baseSeverity":9,"vectorString":1143,"impactScore":1469,"exploitabilityScore":1470},[1486,1495,1510,1516,1525],{"ecosystem":9,"name":1487,"vendor":1488,"product":1489,"cpe_part":1490,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1491},"debian linux","debian","debian_linux","o",[1492],{"version":1493,"is_range":1093,"range_type":1494,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":1496,"vendor":1497,"product":1496,"cpe_part":1498,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1499},"node-fetch","node-fetch_project","a",[1500,1505],{"version":1501,"is_range":1502,"range_type":1494,"version_start":9,"version_start_type":9,"version_end":1503,"version_end_type":1504,"fixed_in":9},"lt2.6.7",true,"2.6.7","excluding",{"version":1506,"is_range":1502,"range_type":1494,"version_start":1507,"version_start_type":1508,"version_end":1509,"version_end_type":1504,"fixed_in":9},"gte3.0.0_lt3.1.1","3.0.0","including","3.1.1",{"ecosystem":9,"name":1511,"vendor":1496,"product":1511,"cpe_part":1498,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1512},"node-fetch/node-fetch",[1513],{"version":1514,"is_range":1502,"range_type":1142,"version_start":1515,"version_start_type":1508,"version_end":1509,"version_end_type":1504,"fixed_in":9},">= unspecified, \u003C 3.1.1","unspecified",{"ecosystem":1517,"name":1496,"vendor":1517,"product":1496,"cpe_part":9,"purl_type":1518,"purl_namespace":9,"purl_name":1496,"source":9,"versions":1519},"Npm","npm",[1520,1523],{"version":1521,"is_range":1502,"range_type":1522,"version_start":1507,"version_start_type":1508,"version_end":1509,"version_end_type":1504,"fixed_in":9},"gte3_0_0_lt3_1_1","semver",{"version":1524,"is_range":1502,"range_type":1522,"version_start":9,"version_start_type":9,"version_end":1503,"version_end_type":1504,"fixed_in":9},"lt2_6_7",{"ecosystem":9,"name":1526,"vendor":1527,"product":1528,"cpe_part":1498,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1529},"sinec ins","siemens","sinec_ins",[1530,1533,1534],{"version":1531,"is_range":1502,"range_type":1494,"version_start":9,"version_start_type":9,"version_end":1532,"version_end_type":1504,"fixed_in":9},"lt1.0","1.0",{"version":1532,"is_range":1093,"range_type":1494,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":1535,"is_range":1093,"range_type":1494,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0:sp1"]