6928 matches found
GHSA-4P35-CFCX-8653 Hostname confusion in parse-url
Exposure of Sensitive Information to an Unauthorized Actor via hostname confusion in GitHub repository ionicabizau/parse-url prior to 6.0.1...
GHSA-JPP7-7CHH-CF67 Cross site scripting in parse-url
Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...
parse-path 安全漏洞
parse-path is a library by the individual developers of Ionică Bizău. It is used to parse path. A security vulnerability exists in parse-path versions prior to 5.0.0, which stems from a lack of valid restrictions on the presence of user-controlled keys in the application. An attacker can exploit...
CVE-2022-31089
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
DEBIAN-CVE-2021-40942
In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filterparsedynargs function in filtercore/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service DOS...
Code injection
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
CVE-2022-31089 Invalid file request can crashe parse-server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
CVE-2022-31089
CVE-2022-31089 affects Parse Server (Node.js backend). The vulnerability arises from improper handling of certain invalid file requests, which can crash the server. Impact: availability can be high for a single instance, lower for clustered setups. The issue has been fixed in versions 4.10.12 and...
CVE-2022-31089 Invalid file request can crashe parse-server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
CVE-2022-31089 Invalid file request can crashe parse-server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
CVE-2022-2218
Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2218
Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2216
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2216
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2216 Server-Side Request Forgery (SSRF) in ionicabizau/parse-url
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2216
CVE-2022-2216 corresponds to a Server-Side Request Forgery (SSRF) in the GitHub repository ionicabizau/parse-url, affecting versions prior to 7.0.0. The connected documents describe the issue as an SSRF flaw in the URL parsing logic (with references noting potential local file access). The root c...
CVE-2022-2216 Server-Side Request Forgery (SSRF) in ionicabizau/parse-url
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2218
CVE-2022-2218 describes a stored XSS vulnerability in the parse-url library by ionicabizau, affecting versions prior to 7.0.0. The issue allows an attacker to place malicious JavaScript on a page via the vulnerable parse-url handling. The provided documents confirm the vulnerability but do not sp...