Vulnerabilities > URI JS Project

DATE CVE VULNERABILITY TITLE RISK
2022-04-05 CVE-2022-1243 Unspecified vulnerability in Uri.Js Project Uri.Js
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11.
network
low complexity
uri-js-project
6.1
6.1
2022-04-04 CVE-2022-1233 Open Redirect vulnerability in Uri.Js Project Uri.Js
URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11.
network
low complexity
uri-js-project CWE-601
6.1
6.1
2022-03-06 CVE-2022-0868 Open Redirect vulnerability in Uri.Js Project Uri.Js
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10.
network
low complexity
uri-js-project CWE-601
6.1
6.1
2022-03-03 CVE-2022-24723 Unspecified vulnerability in Uri.Js Project Uri.Js
URI.js is a Javascript URL mutation library.
network
low complexity
uri-js-project
5.3
5.3
2022-02-16 CVE-2022-0613 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.
network
low complexity
uri-js-project fedoraproject CWE-639
6.5
6.5
2021-07-16 CVE-2021-3647 Open Redirect vulnerability in Uri.Js Project Uri.Js
URI.js is vulnerable to URL Redirection to Untrusted Site
network
low complexity
uri-js-project CWE-601
6.1
6.1
2021-02-22 CVE-2021-27516 Unspecified vulnerability in Uri.Js Project Uri.Js
URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
network
low complexity
uri-js-project
7.5
7.5
2020-12-31 CVE-2020-26291 Improper Input Validation vulnerability in Uri.Js Project Uri.Js
URI.js is a javascript URL mutation library (npm package urijs).
network
low complexity
uri-js-project CWE-20
6.5
6.5