Lucene search
Veracode Vulnerability DatabaseVERACODE:7187HistoryJul 31, 2018 - 3:20 a.m.
Wrong Hostname Return
2018-07-3103:20:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.003
Percentile
70.5%
url-parse returns the wrong hostname. It is possible due to the way URL string is parsed, resulting in a wrong hostname opening up multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.
Related
prion
prion
Design/Logic Flaw
2018-08-12 22:29:00
redhatcve
redhatcve
CVE-2018-3774
2021-03-19 05:52:54
cve
cve
CVE-2018-3774
2018-08-12 22:29:00
nodejs
nodejs
Open Redirect
2018-08-02 15:02:33
nvd
nvd
CVE-2018-3774
2018-08-12 22:29:00
github
github
Open Redirect in url-parse
2018-08-13 15:02:15
hackerone
hackerone
curl: SSRF via maliciously crafted URL due to host confusion
2019-10-01 02:48:40
Node.js third-party modules: url-parse package return wrong hostname
2018-07-19 09:49:12
debiancve
debiancve
CVE-2018-3774
2018-08-12 22:29:00
cvelist
cvelist
CVE-2018-3774
2018-08-12 22:00:00
osv
osv
Open Redirect in url-parse
2018-08-13 15:02:15
node-url-parse vulnerabilities
2023-03-27 14:59:16
ubuntucve
ubuntucve
CVE-2018-3774
2018-08-12 00:00:00
ubuntu
ubuntu
url-parse vulnerabilities
2023-03-27 00:00:00
nessus
nessus
openvas
openvas
Ubuntu: Security Advisory (USN-5973-1)
2023-03-28 00:00:00
redhat
redhat