CVE-2020-8124

Summary

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

Affected Software

VendorProductVersion RangeStatus
n/aurl-parseFixed Version 1.4.5affected

Weaknesses

  • CWE-20: Improper Input Validation (CWE-20)

ADP Enrichment

CVE Program Container

Additional References

References