org.webjars.npm:url-parse@1.5.4 vulnerabilities
-
latest version
1.5.10
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
2 years ago
-
licenses detected
- [0.0.4,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:url-parse package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.webjars.npm:url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key due to incorrect conversion of How to fix Authorization Bypass Through User-Controlled Key? Upgrade |
[,1.5.8)
|
org.webjars.npm:url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Authorization Bypass via the How to fix Authorization Bypass? Upgrade |
[,1.5.8)
|
org.webjars.npm:url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Improper Input Validation due to improper fix of CVE-2020-8124 , it is possible to be exploited via the How to fix Improper Input Validation? Upgrade |
[,1.5.9)
|
org.webjars.npm:url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Access Restriction Bypass due to improper parsing process, that may lead to incorrect handling of authentication credentials and hostname, which allows bypass of hostname validation. How to fix Access Restriction Bypass? Upgrade |
[,1.5.8)
|