CVE-2020-8124 - AskarLabs CVE Database

CVE-2020-8124

Vendor N/A

Product url-parse

Weakness CWE-20 · Input validation

Published February 4, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

Key dates

02Disclosure timeline

February 4, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-8124 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2026-9211 Certain NETGEAR routers allow unauthenticated users to gain control of the router CVE-2023-38131 CVE-2024-56133 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. CVE-2023-3710 Printer web page invalid command execution CVE-2017-12273