CVE-2020-8124 Vulnerability in maven package org.webjars.npm:url-parse

Description

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

Remediation

References

https://hackerone.com/reports/496293

Related Vulnerabilities

CVE-2017-11342 Vulnerability in npm package node-sass

CVE-2023-49145 Vulnerability in maven package org.apache.nifi:nifi-jolt-transform-json-ui

CVE-2020-7775 Vulnerability in npm package freediskspace

CVE-2020-28451 Vulnerability in npm package image-tiler

CVE-2022-29822 Vulnerability in npm package feathers-sequelize

Severity

Medium

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N