Lucene search
Veracode Vulnerability DatabaseVERACODE:34262HistoryFeb 17, 2022 - 7:38 a.m.
Authorization Bypass
2022-02-1707:38:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
40.5%
urijs is vulnerable to authorization bypass. The vulnerability exists in the User-Controlled Key due to the case-sensitive checks which not properly configured, allowing an attacker to bypass and gain access.
References
github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f
github.com/medialize/URI.js/pull/412
huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083
huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083/
lists.fedoraproject.org/archives/list/[email protected]/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332/
Related
rocky
rocky
.NET Core 3.1 on Rocky Linux 8 bugfix update
2022-04-18 13:16:19
nvd
nvd
CVE-2022-0613
2022-02-16 09:15:07
prion
prion
Authorization
2022-02-16 09:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: nodejs-bash-language-server-2.0.0-2.fc35
2022-02-25 16:53:15
osv
osv
CVE-2022-0613
2022-02-16 09:15:07
Authorization Bypass Through User-Controlled Key in urijs
2022-02-17 00:00:35
Open Redirect in urijs
2022-03-07 00:00:40
openvas
openvas
cve
cve
CVE-2022-0613
2022-02-16 09:15:07
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-0613
2022-02-16 00:00:00
huntr
huntr
in medialize/uri.js
2022-02-14 22:22:04
Open Redirect
2022-03-01 14:11:41
github
github
Authorization Bypass Through User-Controlled Key in urijs
2022-02-17 00:00:35
Open Redirect in urijs
2022-03-07 00:00:40
redhatcve
redhatcve
CVE-2022-0613
2022-02-17 06:19:50
nessus
nessus
RHEL 8 : dotnet5.0 (Unpatched Vulnerability)
2024-06-03 00:00:00
ibm
ibm
redhat
redhat