Bounties
Partners
Community
Info
unshiftio / url-parse
Project repository
Small footprint URL parser that works seamlessly across Node.js and browser environments.
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
47 DAYS
FIX
WITHIN
13 DAYS
URL Confusion Can Leads Authorization Bypass
Jul 21st 2023
jayway007
•
pending
ReDoS (Regular expression Denial of Service) on "trim" function
Mar 6th 2023
memmedrehimzade
•
pending
Using HTML encoding leads to protocol filter bypass
Apr 12th 2024
nhienit2010
•
self closed
SSRF via Improper Input Validation in unshiftio / url-parse
Jun 29th 2022
inweol
•
spam
Cross Site Scripting via Improper Input Validation in unshiftio/url-parse
Jun 29th 2022
inweol
•
spam
Cross Site Scripting via Improper Input Validation in unshiftio / url-parse
Jun 29th 2022
inweol
•
spam
Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
May 24th 2022
huydoppa
•
not applicable
Authorization Bypass Through User-Controlled Key
Feb 20th 2022
haxatron
•
Medium
•
$750
Medium
•
$750
•
CVE-2022-0691
CVE-2022-0691
Authorization Bypass Through User-Controlled Key
Feb 19th 2022
r0hansh
•
Medium
•
$750
Medium
•
$750
•
CVE-2022-0686
CVE-2022-0686
Authorization Bypass Through User-Controlled Key
Feb 17th 2022
haxatron
•
Medium
•
$750
Medium
•
$750
•
CVE-2022-0639
CVE-2022-0639
Authorization Bypass Through User-Controlled Key
Feb 13th 2022
ranjit-git
•
High
•
$750
High
•
$750
•
CVE-2022-0512
CVE-2022-0512
Open Redirect
Jul 24th 2021
ready-research
•
Medium
•
$500
Medium
•
$500
•
CVE-2021-3664
CVE-2021-3664
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
