Bugs fixes in "node-url-parse"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-8124 | Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass securit | 2023-03-27 |
| CVE | CVE-2021-3664 | url-parse is vulnerable to URL Redirection to Untrusted Site | 2023-03-27 |
| CVE | CVE-2021-27515 | url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | 2023-03-27 |
| CVE | CVE-2018-3774 | Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authenticati | 2023-03-27 |
| CVE | CVE-2022-0691 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. | 2023-03-27 |
| CVE | CVE-2022-0686 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | 2023-03-27 |
| CVE | CVE-2022-0639 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | 2023-03-27 |
| CVE | CVE-2022-0512 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | 2023-03-27 |
| CVE | CVE-2021-3664 | url-parse is vulnerable to URL Redirection to Untrusted Site | 2023-03-27 |
| CVE | CVE-2021-27515 | url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | 2023-03-27 |
| CVE | CVE-2022-0691 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. | 2023-03-27 |
| CVE | CVE-2022-0686 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | 2023-03-27 |
| CVE | CVE-2022-0639 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | 2023-03-27 |
| CVE | CVE-2022-0512 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | 2023-03-27 |
| CVE | CVE-2020-8124 | Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass securit | 2023-03-27 |
| CVE | CVE-2021-3664 | url-parse is vulnerable to URL Redirection to Untrusted Site | 2023-03-27 |
| CVE | CVE-2021-27515 | url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | 2023-03-27 |
| CVE | CVE-2018-3774 | Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authenticati | 2023-03-27 |
| CVE | CVE-2022-0691 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. | 2023-03-27 |
| CVE | CVE-2022-0686 | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | 2023-03-27 |
About
-
Send Feedback to @ubuntu_updates
