Описание
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.
A flaw was found in the parse-url package. Affected versions of this package are vulnerable to information exposure due to an improper validation issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of Apicurio Registry 2 | parse-url | Affected | ||
| Red Hat Integration Camel K 1 | parse-url | Will not fix | ||
| Red Hat Integration Data Virtualisation Operator | parse-url | Out of support scope | ||
| Red Hat Integration Service Registry | parse-url | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-console | Not affected | ||
| Red Hat OpenShift Dev Spaces | devspaces/dashboard-rhel8 | Not affected | ||
| Red Hat OpenShift distributed tracing 2 | rhosdt/jaeger-agent-rhel8 | Will not fix | ||
| Red Hat OpenShift distributed tracing 2 | rhosdt/jaeger-all-in-one-rhel8 | Not affected | ||
| Red Hat OpenShift distributed tracing 2 | rhosdt/jaeger-collector-rhel8 | Will not fix | ||
| Red Hat OpenShift distributed tracing 2 | rhosdt/jaeger-es-index-cleaner-rhel8 | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-212
https://bugzilla.redhat.com/show_bug.cgi?id=2103584parse-url: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 3 лет назад
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.
7.5 High
CVSS3