Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
url-parse project url-parse vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-27515
url-parse prior to 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Url-parse Project Url-parse
445
VMScore
CVE-2020-8124
Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and previous versions may allow malicious user to bypass security checks.
Url-parse Project Url-parse
668
VMScore
CVE-2018-3774
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.
Url-parse Project Url-parse
1 Github repository
571
VMScore
CVE-2022-0686
Authorization Bypass Through User-Controlled Key in NPM url-parse before 1.5.8.
Url-parse Project Url-parse
445
VMScore
CVE-2022-0512
Authorization Bypass Through User-Controlled Key in NPM url-parse before 1.5.6.
Url-parse Project Url-parse
668
VMScore
CVE-2022-0691
Authorization Bypass Through User-Controlled Key in NPM url-parse before 1.5.9.
Url-parse Project Url-parse
445
VMScore
CVE-2022-0639
Authorization Bypass Through User-Controlled Key in NPM url-parse before 1.5.7.
Url-parse Project Url-parse
446
VMScore
CVE-2021-3664
url-parse is vulnerable to URL Redirection to Untrusted Site
Url-parse Project Url-parse
NA
CVE-2023-33290
The git-url-parse crate up to and including 0.4.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to normalize_url in lib.rs, a similar issue to CVE-2023-32758 (Python).
Git-url-parse Project Git-url-parse
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started