Description
Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.
Remediation
References
https://hackerone.com/reports/496293
Related Vulnerabilities
CVE-2021-29445 Vulnerability in npm package jose-node-esm-runtime
CVE-2022-38666 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration
CVE-2020-13961 Vulnerability in npm package strapi
CVE-2022-21803 Vulnerability in npm package nconf
CVE-2023-50571 Vulnerability in maven package org.jeasy:easy-rules-mvel