Uri.js Security Vulnerabilities and Issues — Uri.js CVE List | Vulners.com

Lucene search

K

Uri.js ProjectUri.js

4 matches found

CVE•added 2022/02/16 9:15 a.m.•215 views

CVE-2022-0613

Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.

6.5CVSS5.8AI score0.00022EPSS

CVE•added 2020/12/31 12:15 a.m.•88 views

CVE-2020-26291

URI.js is a javascript URL mutation library (npm package urijs). In URI.js before version 1.19.4, the hostname can be spoofed by using a backslash (\) character followed by an at (@) character. If the hostname is used in security decisions, the decision may be incorrect. Depending on library usage ...

6.5CVSS6.4AI score0.00581EPSS

CVE•added 2021/07/16 11:15 a.m.•80 views

CVE-2021-3647

URI.js is vulnerable to URL Redirection to Untrusted Site

6.1CVSS5.8AI score0.00175EPSS

CVE•added 2022/04/04 8:15 p.m.•77 views

CVE-2022-1233

URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11.

6.5CVSS6.3AI score0.00236EPSS