8 matches found
[SECURITY] [DLA 3336-1] node-url-parse security update
Debian LTS Advisory DLA-3336-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 23, 2023 https://wiki.debian.org/LTS Package : node-url-parse Version : 1.2.0-2+deb10u2 CVE ID : CVE-2021-3664 CVE-2021-27515 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686...
Debian: Security Advisory (DLA-3336-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-0512
An authorization bypass vulnerability was found in nodes-url-parse. This flaw allows a remote attacker with a basic user account to evade hostname verification by inserting the at symbol "@" at the end of the password field. This issue can allow entry to systems designed to block remote access an...
CVE-2022-0512
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6...
CVE-2022-0512
CVE-2022-0512 targets the unshift.io url-parse (NPM) package; authorization bypass is due to improper handling of username/password in the URL, affecting various Node.js/UNSHIFTED URL-parse deployments prior to version 1.5.6. Public advisories (Debian/Ubuntu IBM Spectrum Discover and other feeds)...
CVE-2022-0512 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6...
CVE-2022-0512
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6...
CVE-2022-0512 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6...