Show filters
15 Total Results
Displaying 1-10 of 15
Sort by:
Attacker Value
Unknown

CVE-2023-33290

Disclosure Date: June 12, 2023 (last updated October 08, 2023)
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to normalize_url in lib.rs, a similar issue to CVE-2023-32758 (Python).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-3224

Disclosure Date: September 15, 2022 (last updated October 08, 2023)
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-2900

Disclosure Date: September 14, 2022 (last updated October 08, 2023)
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-2218

Disclosure Date: June 27, 2022 (last updated October 07, 2023)
Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-2216

Disclosure Date: June 27, 2022 (last updated October 07, 2023)
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-2217

Disclosure Date: June 27, 2022 (last updated October 07, 2023)
Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-0722

Disclosure Date: June 27, 2022 (last updated October 07, 2023)
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-0691

Disclosure Date: February 21, 2022 (last updated October 07, 2023)
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-0686

Disclosure Date: February 20, 2022 (last updated October 07, 2023)
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-0639

Disclosure Date: February 17, 2022 (last updated October 07, 2023)
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >