Filtered by vendor Url-parse Project
Subscriptions
Filtered by product Url-parse
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0691 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 9.8 Critical |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. | ||||
| CVE-2022-0686 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 9.1 Critical |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | ||||
| CVE-2022-0639 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | ||||
| CVE-2022-0512 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | ||||
| CVE-2021-3664 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 5.3 Medium |
| url-parse is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-27515 | 1 Url-parse Project | 1 Url-parse | 2023-02-23 | 5.3 Medium |
| url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | ||||
| CVE-2020-8124 | 1 Url-parse Project | 1 Url-parse | 2020-02-18 | 5.3 Medium |
| Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. | ||||
| CVE-2018-3774 | 1 Url-parse Project | 1 Url-parse | 2019-10-09 | N/A |
| Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol. | ||||
Page 1 of 1.