CVE-2022-0613
6.5MEDIUMAuthorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.
Published: 2/16/2022Updated: 11/21/2024
Description
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.
AI AnalysisPowered by AI
Affected Products
uri.js_projecturi.js
fedoraprojectfedora
35
References
- https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249fPatchThird Party Advisory
- https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083ExploitIssue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332/
- https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249fPatchThird Party Advisory
- https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083ExploitIssue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332/