Url-parse Security Vulnerabilities and Issues — Url-parse CVE List

Lucene search

Url-parse ProjectUrl-parse

8 matches found

CVE•added 2022/02/20 1:15 p.m.•189 views

CVE-2022-0686

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.

9.1CVSS7.5AI score0.00161EPSS

CVE•added 2022/02/14 4:15 p.m.•145 views

CVE-2022-0512

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.

8.8CVSS5.4AI score0.0003EPSS

CVE•added 2022/02/17 6:15 p.m.•135 views

CVE-2022-0639

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.

6.5CVSS5.4AI score0.00028EPSS

CVE•added 2022/02/21 9:15 a.m.•134 views

CVE-2022-0691

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9.

9.8CVSS7.7AI score0.0012EPSS

CVE•added 2021/02/22 12:15 a.m.•111 views

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path.

5.3CVSS5.4AI score0.00188EPSS

CVE•added 2020/02/04 8:15 p.m.•101 views

CVE-2020-8124

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

5.3CVSS5.4AI score0.00055EPSS

CVE•added 2021/07/26 12:15 p.m.•90 views

CVE-2021-3664

url-parse is vulnerable to URL Redirection to Untrusted Site

5.3CVSS5.4AI score0.00325EPSS

CVE•added 2018/08/12 10:29 p.m.•68 views

CVE-2018-3774

Incorrect parsing in url-parse

10CVSS9.5AI score0.00971EPSS