This affects all versions of package react-native-fast-image. When an image with source={{uri: "...", headers: { host: "somehost.com", authorization: "..." }} is loaded, all other subsequent images will use the same headers, this can lead to signing credentials or other session tokens being leaked to other servers.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| react-native-fast-image(npm) | 0 | 8.3.0 | N/A |
CVSS Metrics
