Vulnerability Details CVE-2022-2900
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.8%
CVSS Severity
CVSS v3 Score 9.1
References
- https://github.com/ionicabizau/parse-url/commit/b88c81df8f4c5168af454eaa4f92afa9349e4e13
- https://huntr.dev/bounties/1b4c972a-abc8-41eb-a2e1-696db746b5fd
- https://github.com/ionicabizau/parse-url/commit/b88c81df8f4c5168af454eaa4f92afa9349e4e13
- https://huntr.dev/bounties/1b4c972a-abc8-41eb-a2e1-696db746b5fd
Products affected by CVE-2022-2900
-
cpe:2.3:a:parse-url_project:parse-url:3.0.0
-
cpe:2.3:a:parse-url_project:parse-url:3.0.1
-
cpe:2.3:a:parse-url_project:parse-url:3.0.2
-
cpe:2.3:a:parse-url_project:parse-url:4.0.0
-
cpe:2.3:a:parse-url_project:parse-url:5.0.0
-
cpe:2.3:a:parse-url_project:parse-url:5.0.1
-
cpe:2.3:a:parse-url_project:parse-url:5.0.2
-
cpe:2.3:a:parse-url_project:parse-url:5.0.3
-
cpe:2.3:a:parse-url_project:parse-url:5.0.5
-
cpe:2.3:a:parse-url_project:parse-url:5.0.6
-
cpe:2.3:a:parse-url_project:parse-url:5.0.8
-
cpe:2.3:a:parse-url_project:parse-url:6.0.0
-
cpe:2.3:a:parse-url_project:parse-url:6.0.1
-
cpe:2.3:a:parse-url_project:parse-url:7.0.0
-
cpe:2.3:a:parse-url_project:parse-url:7.0.1
-
cpe:2.3:a:parse-url_project:parse-url:7.0.2
-
cpe:2.3:a:parse-url_project:parse-url:8.0.0