CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3774

Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.7%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2018-3774

Url-Parse Project » Url-Parse » Version: 0.0.4

cpe:2.3:o:url-parse_project:url-parse:0.0.4
Url-Parse Project » Url-Parse » Version: 0.1

cpe:2.3:o:url-parse_project:url-parse:0.1
Url-Parse Project » Url-Parse » Version: 0.1.0

cpe:2.3:o:url-parse_project:url-parse:0.1.0
Url-Parse Project » Url-Parse » Version: 0.1.1

cpe:2.3:o:url-parse_project:url-parse:0.1.1
Url-Parse Project » Url-Parse » Version: 0.1.2

cpe:2.3:o:url-parse_project:url-parse:0.1.2
Url-Parse Project » Url-Parse » Version: 0.1.3

cpe:2.3:o:url-parse_project:url-parse:0.1.3
Url-Parse Project » Url-Parse » Version: 0.1.4

cpe:2.3:o:url-parse_project:url-parse:0.1.4
Url-Parse Project » Url-Parse » Version: 0.1.5

cpe:2.3:o:url-parse_project:url-parse:0.1.5
Url-Parse Project » Url-Parse » Version: 0.2

cpe:2.3:o:url-parse_project:url-parse:0.2
Url-Parse Project » Url-Parse » Version: 0.2.1

cpe:2.3:o:url-parse_project:url-parse:0.2.1
Url-Parse Project » Url-Parse » Version: 0.2.2

cpe:2.3:o:url-parse_project:url-parse:0.2.2
Url-Parse Project » Url-Parse » Version: 0.2.3

cpe:2.3:o:url-parse_project:url-parse:0.2.3
Url-Parse Project » Url-Parse » Version: 1.0.0

cpe:2.3:o:url-parse_project:url-parse:1.0.0
Url-Parse Project » Url-Parse » Version: 1.0.1

cpe:2.3:o:url-parse_project:url-parse:1.0.1
Url-Parse Project » Url-Parse » Version: 1.0.2

cpe:2.3:o:url-parse_project:url-parse:1.0.2
Url-Parse Project » Url-Parse » Version: 1.0.3

cpe:2.3:o:url-parse_project:url-parse:1.0.3
Url-Parse Project » Url-Parse » Version: 1.0.4

cpe:2.3:o:url-parse_project:url-parse:1.0.4
Url-Parse Project » Url-Parse » Version: 1.0.5

cpe:2.3:o:url-parse_project:url-parse:1.0.5
Url-Parse Project » Url-Parse » Version: 1.1.0

cpe:2.3:o:url-parse_project:url-parse:1.1.0
Url-Parse Project » Url-Parse » Version: 1.1.1

cpe:2.3:o:url-parse_project:url-parse:1.1.1
Url-Parse Project » Url-Parse » Version: 1.1.2

cpe:2.3:o:url-parse_project:url-parse:1.1.2
Url-Parse Project » Url-Parse » Version: 1.1.3

cpe:2.3:o:url-parse_project:url-parse:1.1.3
Url-Parse Project » Url-Parse » Version: 1.1.4

cpe:2.3:o:url-parse_project:url-parse:1.1.4
Url-Parse Project » Url-Parse » Version: 1.1.5

cpe:2.3:o:url-parse_project:url-parse:1.1.5
Url-Parse Project » Url-Parse » Version: 1.1.6

cpe:2.3:o:url-parse_project:url-parse:1.1.6
Url-Parse Project » Url-Parse » Version: 1.1.7

cpe:2.3:o:url-parse_project:url-parse:1.1.7
Url-Parse Project » Url-Parse » Version: 1.1.8

cpe:2.3:o:url-parse_project:url-parse:1.1.8
Url-Parse Project » Url-Parse » Version: 1.1.9

cpe:2.3:o:url-parse_project:url-parse:1.1.9
Url-Parse Project » Url-Parse » Version: 1.2.0

cpe:2.3:o:url-parse_project:url-parse:1.2.0
Url-Parse Project » Url-Parse » Version: 1.3.0

cpe:2.3:o:url-parse_project:url-parse:1.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3774

Products

Pricing

Contact Us