Follow-redirects
This hub aggregates every CVE we track for Follow-redirects, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Follow-redirects.
- CVE-2026-40895follow-redirects: Custom Authentication Headers Leaked to Cross-Domain Redirect Targets7.5
- CVE-2024-28849Proxy-Authorization header kept across hosts in follow-redirects6.5
- CVE-2023-26159Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, ...7.3
- CVE-2022-0536Improper Removal of Sensitive Information Before Storage or Transfer in follow-redirects/follow-redirects2.6
- CVE-2022-0155Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects6.5
Product normalization is registry-driven with AI assist and human review. How it works