Skip to main content

Uri Js

7 CVEs product

Monthly

CVE-2022-1243 npm MEDIUM POC PATCH This Month

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Uri Js
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-1233 npm MEDIUM POC PATCH This Month

URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-0868 npm MEDIUM POC PATCH This Month

Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Uri Js
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-24723 npm MEDIUM POC PATCH This Month

URI.js is a Javascript URL mutation library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
CVSS 3.1
5.3
EPSS
2.0%
CVE-2021-3647 npm MEDIUM POC PATCH This Month

URI.js is vulnerable to URL Redirection to Untrusted Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Uri Js
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-27516 npm HIGH POC PATCH This Week

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-26291 npm MEDIUM PATCH This Month

URI.js is a javascript URL mutation library (npm package urijs). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Node.js SSRF Uri Js
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Uri Js
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Uri Js
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM POC PATCH This Month

URI.js is a Javascript URL mutation library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

URI.js is vulnerable to URL Redirection to Untrusted Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Uri Js
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Uri Js
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

URI.js is a javascript URL mutation library (npm package urijs). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Node.js SSRF Uri Js
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy