RSS   Vulnerabilities for 'Url-parse'   RSS

2022-02-21
 
CVE-2022-0691

CWE-639
 

 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9.

 
2022-02-17
 
CVE-2022-0639

CWE-639
 

 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.

 
2021-07-26
 
CVE-2021-3664

CWE-601
 

 
url-parse is vulnerable to URL Redirection to Untrusted Site

 
2021-02-22
 
CVE-2021-27515

NVD-CWE-noinfo
 

 
url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.

 
2020-02-04
 
CVE-2020-8124

CWE-20
 

 
Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

 


Copyright 2024, cxsecurity.com

 

Back to Top