Lucene search
GoogleOSV:CVE-2022-24723HistoryMar 03, 2022 - 9:15 p.m.
CVE-2022-24723
2022-03-0321:15:07
Google
osv.dev
19
uri.js
url mutation
vulnerability
EPSS
0.001
Percentile
47.2%
URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly. This issue has been patched in version 1.19.9. Removing leading whitespace from values before passing them to URI.parse can be used as a workaround.
Related
github
github
Leading white space bypasses protocol validation
2022-03-03 19:23:36
cvelist
cvelist
CVE-2022-24723 Improper Input Validation in URI.js
2022-03-03 20:35:11
prion
prion
Input validation
2022-03-03 21:15:00
huntr
huntr
Protocol/Hostname spoofing via Improper Input Validation
2022-02-27 02:50:37
cve
cve
CVE-2022-24723
2022-03-03 21:15:07
redhatcve
redhatcve
CVE-2022-24723
2022-03-09 16:57:45
osv
osv
Leading white space bypasses protocol validation
2022-03-03 19:23:36
cnvd
cnvd
Medialize URI.js Input Validation Error Vulnerability (CNVD-2022-19502)
2022-03-04 00:00:00
nvd
nvd
CVE-2022-24723
2022-03-03 21:15:07
veracode
veracode
Cross-site Scripting (XSS)
2022-03-04 04:13:53
ubuntucve
ubuntucve
CVE-2022-24723
2022-03-03 00:00:00
nessus
nessus
RHEL 8 : dotnet5.0 (Unpatched Vulnerability)
2024-06-03 00:00:00
ibm
ibm
redhat
redhat