pkg:npm/urijs

8 total CVEsHIGH2MEDIUM6

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2021-27516URIjs Hostname spoofing via backslashes in URL
    from 0, < 1.19.6
  • HIGH7.2CVE-2022-1243Incorrect protocol extraction via \r, \n and \t characters
    from 0, < 1.19.11
  • MEDIUM6.5CVE-2022-1233URL Confusion When Scheme Not Supplied in medialize/uri.js
    from 0, < 1.19.11
  • MEDIUM6.5CVE-2022-0613Authorization Bypass Through User-Controlled Key in urijs
    from 0, < 1.19.8
  • MEDIUM6.5CVE-2020-26291Hostname spoofing via backslashes in URL
    from 0, < 1.19.4
  • MEDIUM6.1CVE-2022-0868Open Redirect in urijs
    from 0, < 1.19.10
  • MEDIUM5.3CVE-2022-24723Leading white space bypasses protocol validation
    from 0, < 1.19.9
  • MEDIUM5.3CVE-2021-3647URIjs Vulnerable to Hostname spoofing via backslashes in URL
    from 0, < 1.19.7
npm/urijs — 8 CVEs · VulnScope