22 matches found
CVE-2022-0868
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10...
EUVD-2022-1378
Malicious code in bioql PyPI...
EUVD-2022-1737
Malicious code in bioql PyPI...
EUVD-2022-1612
Malicious code in bioql PyPI...
CVE-2022-1243
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
Cross site scripting
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
CVE-2022-1243 CRHTLF can lead to invalid protocol extraction potentially leading to XSS in medialize/uri.js
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
CVE-2022-1243
CVE-2022-1243 concerns the medialize/uri.js library. The issue, caused by CRHTLF, can lead to invalid protocol extraction and potential cross‑site scripting (XSS) when processing user‑supplied URLs in uri.js prior to version 1.19.11. The vulnerability affects medialize/uri.js used by projects suc...
GHSA-G694-M8VQ-GV9H URL Confusion When Scheme Not Supplied in medialize/uri.js
Medialize is a Javascript URL mutation library. When parsing a URL without a scheme and with excessive slashes, like ///www.example.com, URI.js will parse the hostname as null and the path as /www.example.com. Such behaviour is different from that exhibited by browsers, which will parse...
Medialize URI.js 安全漏洞
Medialize URI.js is a Javascript-based code library from the Medialize team that can be used to efficiently splice URLs. A security vulnerability exists in Medialize URI.js versions prior to 1.19.11, which stems from CRHTLF resulting in invalid protocol extraction...
CVE-2022-1233
CVE-2022-1233 affects the medialize/uri.js library. When parsing URLs without a scheme and with excessive slashes, the library may treat the hostname as null and set the path to /www.example.com, leading to URL confusion. This issue is fixed in version 1.19.11; prior releases are vulnerable. Affe...
Medialize URI.js 输入验证错误漏洞
Medialize URI.js is a Javascript-based code library that can be used to efficiently splice URLs from the Medialize team. A security vulnerability exists in medialize/uri.js, no information about the vulnerability is available at this time, please keep watching CNNVD or vendor announcements...
Medialize URI.js Input Validation Error Vulnerability (CNVD-2022-23491)
Medialize URI.js is a Javascript-based code library from the Medialize team that can be used to efficiently stitch together URLs. Medialize URI.js is vulnerable to an input validation error that originates from opening redirects in medialize/uri.js. No detailed vulnerability details are available...
CVE-2022-0868
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10...
CVE-2022-0868 Open Redirect in medialize/uri.js
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10...
CVE-2022-0868
CVE-2022-0868 is an open redirect in medialize/uri.js prior to 1.19.10. Open redirect could allow a remote attacker to redirect victims to arbitrary sites via crafted URLs. Public metrics show base scores around 5.8–6.1 (NVD) and up to 8.0 in some sources depending on scope/age. Remediation: upgr...
Medialize URI.js 输入验证错误漏洞
Medialize URI.js is a Javascript-based code library from the Medialize team that can be used to efficiently stitch together URLs. Medialize URI.js is vulnerable to an input validation error that originates from opening redirects in medialize/uri.js. No detailed vulnerability details are available...
Medialize URI.js Input Validation Error Vulnerability (CNVD-2022-19502)
Medialize URI.js is a Javascript-based code library for efficient URL stitching from the Medialize team. correctly parsed. No details of the vulnerability are currently available...
Medialize URI.js 安全漏洞
Medialize URI.js is a Javascript-based code library for efficient URL stitching from the Medialize team. correctly parsed. No details of the vulnerability are currently available...
Medialize URI.js input validation error vulnerability
Medialize URI.js is a Javascript-based code library from the Medialize team that can be used to efficiently stitch URLs. Medialize URI.js is vulnerable to an input validation error that results from a new URI that fails to properly parse https:///, which leads to the system user being directed to...