70 matches found
CVE-2022-0868
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10...
EUVD-2021-0686
Malware in sbrugna...
EUVD-2021-1450
Malware in sbrugna...
EUVD-2022-1378
Malicious code in bioql PyPI...
EUVD-2022-1737
Malicious code in bioql PyPI...
EUVD-2022-1612
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-3647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - URI.js is vulnerable to URL Redirection to Untrusted Site CVE-2021-3647 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2022-1233
URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11...
CVE-2021-3647
URI.js is vulnerable to URL Redirection to Untrusted Site...
Linux Distros Unpatched Vulnerability : CVE-2022-24723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not...
CVE-2022-1243
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
RHEL 8 : dotnet5.0 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - urijs: Authorization Bypass Through User-Controlled Key CVE-2022-0613 - URI.js is a Javascript URL mutati...
Security Bulletin: IBM Process Mining is vulnerable to phishing attacks due to URI.js. CVE-2022-0868
Summary URI.js is used by IBM Process Mining. CVE-2022-0868. Vulnerability Details CVEID:CVE-2022-0868 DESCRIPTION: URI.js could allow a remote authenticated attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a...
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Node.js follow-redirects is used by IBM Robotic Process Automation as part of API Server functionality CVE-2022-0536. Madialize URI.js module for NPM is used by IBM Robotic Process Automation as par...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer components that use Designer flows may be vulnerable to CVE-2022-1243
Summary Node.js module URI.js is used by IBM App Connect Enterprise Certified Container for processing URIs in Designer flows. IBM App Connect Enterprise Certified Container IntegrationServers that use Designer flows may be vulnerable to CVE-2022-1243. This bulletin provides patch information to...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer components that use Designer flows may be vulnerable to CVE-2022-1233
Summary Node.js module URI.js is used by IBM App Connect Enterprise Certified Container for processing URIs in Designer flows. IBM App Connect Enterprise Certified Container IntegrationServers that Designer flows may be vulnerable to CVE-2022-1233. This bulletin provides patch information to...
CVE-2022-1243
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
Cross site scripting
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
CVE-2022-1243 CRHTLF can lead to invalid protocol extraction potentially leading to XSS in medialize/uri.js
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...
CVE-2022-1243
CVE-2022-1243 concerns the medialize/uri.js library. The issue, caused by CRHTLF, can lead to invalid protocol extraction and potential cross‑site scripting (XSS) when processing user‑supplied URLs in uri.js prior to version 1.19.11. The vulnerability affects medialize/uri.js used by projects suc...