CVE-2022-2218 Cross-site Scripting (XSS) - Stored in ionicabizau/parse-url
Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2217
Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-0722
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0...
CVE-2022-2217
The CVE-2022-2217 issue is a cross-site scripting (XSS) vulnerability in the npm package parse-url (GitHub: ionicabizau/parse-url) affecting versions prior to 7.0.0. The root cause is the ability to inject or execute malicious JavaScript on webpages produced by the affected package through craft...
Parse Server Security Vulnerability
Parse Server is a backend that can be deployed to any infrastructure that can run Node.js. A denial-of-service vulnerability exists in Parse Server, which stems from certain types of invalid file requests not being handled properly and can be exploited by an attacker to cause the server to crash...
parse-url Code Issue Vulnerability
parse-url is an advanced url parser with git url support from the individual developer Ionică Bizău. A code issue vulnerability exists in parse-url versions prior to 7.0.0, which stems from improper handling of usernames and passwords, undetected hostnames, and can be exploited by an attacker to...
parse-url Information Disclosure Vulnerability
parse-url is an advanced url parser with git url support. An information disclosure vulnerability exists in versions of parse-url prior to 7.0.0, which can be exploited by attackers to expose sensitive information to unauthorized participants...
parse-url Cross-Site Scripting Vulnerability
parse-url is an advanced url parser with git url support. A cross-site scripting vulnerability exists in parse-url versions prior to 7.0.0, which stems from the ability to run malicious JS code using ASCII characters starting with and all special escape characters starting with Unicode, which can...
parse-url Cross-Site Scripting Vulnerability
parse-url is an advanced url parser with git url support. A cross-site scripting vulnerability exists in parse-url versions prior to 7.0.0, which stems from the fact that the last fix can be bypassed, and can be exploited by an attacker to place any malicious JS code on a web page...
PT-2022-15277 · Parse-Url · Url-Parse
Name of the Vulnerable Software and Affected Versions: parse-url versions prior to 7.0.0 Description: The issue is related to Server-Side Request Forgery (SSRF) in the parse-url repository. This allows for the exploitation of parse URL to read local files. Recommendations: For versions prior to...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS). It contains an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to it...
DEBIAN-CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
ALPINE-CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
UBUNTU-CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
protobuf-c Security Vulnerability
protobuf-c is a protocol buffer implementation based on C. A denial of service vulnerability exists in Protobuf-c v1.4.0, which stems from a function parse_tag_and_wiretype in protobuf-c/protobuf-c.c that contains an invalid arithmetic shift. An attacker could exploit this vulnerability to cause a...
PT-2022-5386 · Libxml2 +12 · Libxml2 +12
Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.10.3 Description: An issue was discovered in libxml2 where certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be...
PT-2022-5387 · Libxml2 +12 · Libxml2 +12
Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.10.3 Description: The issue is related to an integer overflow in the xmlParseNameComplex function of the libxml2 library when parsing XML documents with the XML_PARSE_HUGE parser option enabled. This can lead to an...
Denial Of Service (DoS)
parse-server is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause denial of service conditions via certain types of invalid file requests which are not handled properly...