node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
The MITRE CVE dictionary describes this issue as: