CVE-2021-27516

Опубликовано: 22 фев. 2021

Источник: debian

Описание

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.

Пакет	Статус	Версия исправления	Релиз	Тип
node-urijs	itp			package

https://github.com/medialize/URI.js/commit/a1ad8bcbc39a4d136d7e252e76e957f3ece70839 (v1.19.6)
https://github.com/medialize/URI.js/releases/tag/v1.19.6

CVE-2021-27516

CVSS3: 7.5

redhat

почти 5 лет назад

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.

CVE-2021-27516

CVSS3: 7.5

nvd

почти 5 лет назад

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.

GHSA-p6j9-7xhc-rhwp

CVSS3: 7.5

github

почти 5 лет назад

URIjs Hostname spoofing via backslashes in URL