Url-parse Project CVE

Filtered by vendor Url-parse Project Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-0691	1 Url-parse Project	1 Url-parse	2022-02-28	7.5 HIGH	9.8 CRITICAL
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9.
CVE-2018-3774	1 Url-parse Project	1 Url-parse	2019-10-09	7.5 HIGH	10.0 CRITICAL
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.

Vulnerabilities (CVE)