You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments.
Affected versions of this package are vulnerable to Access Restriction Bypass due to improper parsing process, that may lead to incorrect handling of authentication credentials and hostname, which allows bypass of hostname validation.
Affecting Packages/Plugins
Overview
url-parse is a Small footprint URL parser that works seamlessly across Node.js and browser environments.
Affected versions of this package are vulnerable to Access Restriction Bypass due to improper parsing process, that may lead to incorrect handling of authentication credentials and hostname, which allows bypass of hostname validation.
PoC:
Remediation
Upgrade
url-parse
to version 1.5.6 or higher.References
The text was updated successfully, but these errors were encountered: