VYPR

Maven package

lambdaisland/uri

pkg:maven/lambdaisland/uri

Vulnerabilities (1)

  • CVE-2023-28628Mar 27, 2023
    affected < 1.14.120fixed 1.14.120

    lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 `authority-regex` allows an attacker to send malicious URLs to be parsed by the `lambdaisland/uri` and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910.