CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

EUVD-2025-31054

Malicious code in bioql PyPI...

Prototype Pollution

Overview parse is a library that gives you access to the powerful Parse Server backend from your JavaScript app. Affected versions of this package are vulnerable to Prototype Pollution via the initializeState function. An attacker can cause a denial of service by injecting malicious properties in...

CVE-2025-57324

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...

UBUNTU-CVE-2022-0691

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9...

UBUNTU-CVE-2022-0686

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8...

UBUNTU-CVE-2022-0512

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6...

GHSA-46C4-8WRP-J99V Improper Validation and Sanitization in url-parse

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks...

GHSA-HH27-FFR2-F2JC Open redirect in url-parse

Overview Affected versions of npm url-parse are vulnerable to URL Redirection to Untrusted Site. Impact Depending on library usage and attacker intent, impacts may include allow/block list bypasses, SSRF attacks, open redirects, or other undesired behavior...

UBUNTU-CVE-2021-3664

url-parse is vulnerable to URL Redirection to Untrusted Site...