Filtered by vendor Url-parse Project
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27515 | 1 Url-parse Project | 1 Url-parse | 2022-05-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | |||||
| CVE-2022-0639 | 1 Url-parse Project | 1 Url-parse | 2022-02-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | |||||
| CVE-2022-0512 | 1 Url-parse Project | 1 Url-parse | 2022-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | |||||
| CVE-2021-3664 | 1 Url-parse Project | 1 Url-parse | 2021-08-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| url-parse is vulnerable to URL Redirection to Untrusted Site | |||||
| CVE-2020-8124 | 1 Url-parse Project | 1 Url-parse | 2020-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. | |||||