Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.41 views

Debian dla-3336 : node-url-parse - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3336 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3336-1 [email protected]...

9.8CVSS6.8AI score0.0222EPSS
Exploits6References14
Huntr
Huntr
added 2021/07/08 8:10 a.m.21 views

Open Redirect in ionicabizau/parse-url

✍️ Description parse-url mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while parse-url sees it as a relative path. Which will lead to SSRF attacks, open redirects, or...

0.6AI score0.02483EPSS
Exploits2
Node.js
Node.js
added 2021/05/06 4:15 p.m.44 views

Path traversal

Overview url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path. Recommendation Upgrade to version 1.5.0 or later References - CVE - GitHub Advisory...

5CVSS2.1AI score0.01964EPSS
Exploits1Affected Software1
OSV
OSV
added 2021/02/22 12:15 a.m.18 views

CVE-2021-27516

URI.js aka urijs before 1.19.6 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path...

7.5CVSS6.7AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/02/22 12:15 a.m.27 views

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path...

5.3CVSS6.8AI score0.01964EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/02/21 12:0 a.m.33 views

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path...

7.4AI score0.01964EPSS
Exploits1References5
Rows per page
Query Builder