Vulnerability	Vulnerable Version
M Authorization Bypass url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Authorization Bypass via the `hostname` field of a parsed URL, because "url-parse" is unable to find the correct hostname when no port number is provided in the URL. How to fix Authorization Bypass? Upgrade `url-parse` to version 1.5.8 or higher.	<1.5.8
H Improper Input Validation url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments. Affected versions of this package are vulnerable to Improper Input Validation due to improper fix of CVE-2020-8124 , it is possible to be exploited via the `\b` (backspace) character. How to fix Improper Input Validation? Upgrade `url-parse` to version 1.5.9 or higher.	<1.5.9

Authorization Bypass

url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments.

Affected versions of this package are vulnerable to Authorization Bypass via the hostname field of a parsed URL, because "url-parse" is unable to find the correct hostname when no port number is provided in the URL.

How to fix Authorization Bypass?

Upgrade url-parse to version 1.5.8 or higher.

<1.5.8

Improper Input Validation

url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments.

Affected versions of this package are vulnerable to Improper Input Validation due to improper fix of CVE-2020-8124 , it is possible to be exploited via the \b (backspace) character.

How to fix Improper Input Validation?

Upgrade url-parse to version 1.5.9 or higher.

<1.5.9

Go back to all versions of this package