CVE-2020-8124

Опубликовано: 04 фев. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 5.3

Описание

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

Релиз	Статус	Примечание
bionic	released	1.2.0-1ubuntu0.1
devel	not-affected
eoan	not-affected	1.4.7-3
esm-apps/bionic	released	1.2.0-1ubuntu0.1
esm-apps/focal	not-affected	1.4.7-3
esm-apps/jammy	not-affected	1.5.9+~1.4.8-1
esm-apps/xenial	released	1.0.5-2ubuntu0.1~esm2
esm-infra-legacy/trusty	DNE
focal	not-affected	1.4.7-3
groovy	ignored	end of life

Показывать по

Ссылки на источники

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2020-8124

CVSS3: 5.3

redhat

около 6 лет назад

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

CVE-2020-8124

CVSS3: 5.3

nvd

около 6 лет назад

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

CVE-2020-8124

CVSS3: 5.3

debian

около 6 лет назад

Insufficient validation and sanitization of user input exists in url-p ...

GHSA-46c4-8wrp-j99v

CVSS3: 5.3

github

около 4 лет назад

Improper Validation and Sanitization in url-parse

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2020-8124

Описание

Пакет node-url-parse

Ссылки на источники

Связанные уязвимости