VYPR
Moderate severityNVD Advisory· Published Feb 17, 2022· Updated Dec 16, 2025

Authorization Bypass Through User-Controlled Key in unshiftio/url-parse

CVE-2022-0639

Description

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
url-parsenpm
>= 1.0.0, < 1.5.71.5.7

Affected products

2
  • ghsa-coords
    Range: >= 1.0.0, < 1.5.7
  • unshiftio/unshiftio/url-parsev5
    Range: unspecified

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.