Information on source package node-url-parse

Available versions

ReleaseVersion
stretch1.0.5-2+deb9u1
buster1.2.0-2+deb10u1
bullseye1.5.3-1
bookworm1.5.10+~1.4.8-1
sid1.5.10+~1.4.8-2

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2022-0691vulnerablevulnerablevulnerablefixedfixedAuthorization Bypass Through User-Controlled Key in NPM url-parse prio ...
CVE-2022-0686vulnerablevulnerablevulnerablefixedfixedAuthorization Bypass Through User-Controlled Key in NPM url-parse prio ...
CVE-2022-0639vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedAuthorization Bypass Through User-Controlled Key in NPM url-parse prio ...
CVE-2022-0512vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedAuthorization Bypass Through User-Controlled Key in NPM url-parse prio ...
CVE-2021-27515vulnerablevulnerable (no DSA)fixedfixedfixedurl-parse before 1.5.0 mishandles certain uses of backslash such as ht ...
CVE-2021-3664vulnerablevulnerable (no DSA)fixedfixedfixedurl-parse is vulnerable to URL Redirection to Untrusted Site ...
CVE-2020-8124vulnerable (no DSA, ignored)fixedfixedfixedfixedInsufficient validation and sanitization of user input exists in url-p ...

Resolved issues

BugDescription
CVE-2018-3774Incorrect parsing in url-parse <1.4.3 returns wrong hostname which ...

Search for package or bug name: Reporting problems