CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6852

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00432EPSS

Exploits1References4

RedhatCVE•added 2025/02/05 9:24 p.m.•5 views

CVE-2022-2216

Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...

9.8CVSS6.7AI score0.00318EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 9:23 p.m.•9 views

CVE-2022-2900

Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 8.1.0...

9.1CVSS6.7AI score0.00432EPSS

Exploits1References1

Veracode•added 2022/09/15 6:35 a.m.•15 views

Server-Side Request Forgery (SSRF)

parse-url is vulnerable to server-side request forgery. The vulnerability exists in the parseUrl function in index.js because it doesn't validate url or detect the protocol, resource, pathname and user param properly which allows an attacker to cause an ssrf bypass via a crafted url...

9.1CVSS8.5AI score0.00432EPSS

Exploits1References4Affected Software1

CNNVD•added 2022/09/15 12:0 a.m.•1 views

parse-url 安全漏洞

parse-url is an advanced url parser with git url support by the individual developer Ionică Bizău. A security vulnerability exists in parse-url prior to version 8.1.0, which stems from the fact that parse-url incorrectly parses the https url that follows it, identifying its protocol as ssh, and...

9.4CVSS7.6AI score0.00342EPSS

Exploits1References3