Multiple Vulnerabilities in Ubuntu Follow-Redirects Expose User Data

Severity: Medium (Score: 57.9)

Sources: Ubuntu, Linuxsecurity

Summary

A series of vulnerabilities was identified in the follow-redirects module affecting Ubuntu 18.04 LTS, 20.04 LTS, and 22.04 LTS. These vulnerabilities include improper handling of sensitive user information during redirects, potentially allowing attackers to expose sensitive data (CVE-2022-0155, CVE-2022-0536). Additionally, issues with URL validation (CVE-2023-26159) and proxy authentication headers (CVE-2024-28849) were discovered, which could lead to phishing attacks and credential exposure.

The vulnerabilities primarily affect users of the node-follow-redirects module, which is used for HTTP(S) redirects in Node.js applications. Affected users are advised to update their systems to mitigate these risks. The vulnerabilities were reported on April 28, 2026, with patches available for all affected Ubuntu versions. The issues pose a significant risk to user data security across multiple Ubuntu releases.

Key Points

  • Four vulnerabilities identified in the follow-redirects module for Ubuntu.
  • CVE-2022-0155 and CVE-2022-0536 allow sensitive data exposure during redirects.
  • CVE-2023-26159 and CVE-2024-28849 increase risks of phishing and credential theft.

Key Entities

  • Data Breach (attack_type)
  • Phishing (attack_type)
  • CVE-2022-0155 (cve)
  • CVE-2022-0536 (cve)
  • CVE-2023-26159 (cve)
  • CVE-2024-28849 (cve)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • CWE-601 - Open Redirect (cwe)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • Ubuntu (company)