Pricing Enterprise

CVE-2022-0639

5.3MEDIUM

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.

Published: 2/17/2022Updated: 12/16/2025

View on NVD View on MITRE

Description

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.

AI AnalysisPowered by AI

Affected Products

url-parse_projecturl-parse

References

https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788
PatchThird Party Advisory
https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155
ExploitIssue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788
PatchThird Party Advisory
https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155
ExploitIssue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2025/12/msg00024.html