Lucene search
GoogleOSV:GHSA-HH27-FFR2-F2JCHistoryAug 10, 2021 - 4:07 p.m.
Open redirect in url-parse
2021-08-1016:07:08
Google
osv.dev
13
npm
url-parse
open redirect
vulnerability
ssrf
undesired behavior
EPSS
0.001
Percentile
47.4%
Overview
Affected versions of npm url-parse are vulnerable to URL Redirection to Untrusted Site.
Impact
Depending on library usage and attacker intent, impacts may include allow/block list bypasses, SSRF attacks, open redirects, or other undesired behavior.
References
github.com/unshiftio/url-parse
github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0
github.com/unshiftio/url-parse/issues/205
github.com/unshiftio/url-parse/issues/206
huntr.dev/bounties/1625557993985-unshiftio/url-parse
lists.debian.org/debian-lts-announce/2023/02/msg00030.html
nvd.nist.gov/vuln/detail/CVE-2021-3664
Related
debiancve
debiancve
CVE-2021-3664
2021-07-26 12:15:08
github
github
Open redirect in url-parse
2021-08-10 16:07:08
cve
cve
CVE-2021-3664
2021-07-26 12:15:08
nodejs
nodejs
Open Redirect
2021-08-10 16:10:27
cvelist
cvelist
CVE-2021-3664 Open Redirect in unshiftio/url-parse
2021-07-26 00:00:00
nvd
nvd
CVE-2021-3664
2021-07-26 12:15:08
veracode
veracode
Open Redirection
2021-07-27 05:53:18
prion
prion
Design/Logic Flaw
2021-07-26 12:15:00
ubuntucve
ubuntucve
CVE-2021-3664
2021-07-26 00:00:00
osv
osv
CVE-2021-3664
2021-07-26 12:15:08
node-url-parse - security update
2023-02-23 00:00:00
node-url-parse vulnerabilities
2023-03-27 14:59:16
redhatcve
redhatcve
CVE-2021-3664
2021-08-03 06:24:49
huntr
huntr
Open Redirect in unshiftio/url-parse
2021-07-06 07:53:15
openvas
openvas
Debian: Security Advisory (DLA-3336-1)
2023-02-23 00:00:00
Ubuntu: Security Advisory (USN-5973-1)
2023-03-28 00:00:00
debian
debian
[SECURITY] [DLA 3336-1] node-url-parse security update
2023-02-23 00:55:13
nessus
nessus
Debian DLA-3336-1 : node-url-parse - LTS security update
2023-02-23 00:00:00
ubuntu
ubuntu
url-parse vulnerabilities
2023-03-27 00:00:00
