Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-0686
PUBLISHED
More InfoOfficial Page
Assigner-@huntrdev
Assigner Org ID-c09c270a-b464-47c1-9133-acb35b22c19a
View Known Exploited Vulnerability (KEV) details
Published At-20 Feb, 2022 | 00:00
Updated At-02 Aug, 2024 | 23:40
Rejected At-
▼CVE Numbering Authority (CNA)
Authorization Bypass Through User-Controlled Key in unshiftio/url-parse

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.

Affected Products
Vendor
unshiftio
Product
unshiftio/url-parse
Versions
Affected
  • From unspecified before 1.5.8 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-639CWE-639 Authorization Bypass Through User-Controlled Key
Type: CWE
CWE ID: CWE-639
Description: CWE-639 Authorization Bypass Through User-Controlled Key
Metrics
VersionBase scoreBase severityVector
3.06.5MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Version: 3.0
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c
N/A
https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5
N/A
https://security.netapp.com/advisory/ntap-20220325-0006/
N/A
https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
mailing-list
Hyperlink: https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c
Resource: N/A
Hyperlink: https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20220325-0006/
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
Resource:
mailing-list
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c
x_transferred
https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5
x_transferred
https://security.netapp.com/advisory/ntap-20220325-0006/
x_transferred
https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
mailing-list
x_transferred
Hyperlink: https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c
Resource:
x_transferred
Hyperlink: https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20220325-0006/
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html
Resource:
mailing-list
x_transferred
Details not found