Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/url-parse@1.0.2
purl pkg:npm/url-parse@1.0.2
Next non-vulnerable version 1.5.9
Latest non-vulnerable version 1.5.9
Risk 4.5
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-77sm-xs3z-2fba
Aliases:
CVE-2020-8124
GHSA-46c4-8wrp-j99v
Improper Validation and Sanitization in url-parse
1.4.5
Affected by 6 other vulnerabilities.
VCID-7k2e-h442-budm
Aliases:
CVE-2021-3664
GHSA-hh27-ffr2-f2jc
url-parse is vulnerable to URL Redirection to Untrusted Site
1.5.2
Affected by 4 other vulnerabilities.
VCID-7kvx-pymh-7kch
Aliases:
CVE-2022-0512
GHSA-rqff-837h-mm52
Authorization bypass in url-parse
1.5.6
Affected by 3 other vulnerabilities.
VCID-bs8v-khzf-9qad
Aliases:
CVE-2022-0686
GHSA-hgjh-723h-mx2j
Authorization Bypass Through User-Controlled Key in url-parse
1.5.8
Affected by 1 other vulnerability.
VCID-gzng-b4gs-xfhg
Aliases:
CVE-2018-3774
GHSA-pv4c-p2j5-38j4
Open Redirect in url-parse
1.4.3
Affected by 7 other vulnerabilities.
VCID-hwa6-jjmj-rud5
Aliases:
CVE-2021-27515
GHSA-9m6j-fcg5-2442
url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
1.5.0
Affected by 5 other vulnerabilities.
VCID-x89h-pdw9-puas
Aliases:
CVE-2022-0639
GHSA-8v38-pw62-9cw2
url-parse Incorrectly parses URLs that include an '@'
1.5.7
Affected by 2 other vulnerabilities.
VCID-xvc2-dez9-byey
Aliases:
CVE-2022-0691
GHSA-jf5r-8hm2-f872
url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.
1.5.9
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-12T18:00:22.682617+00:00 GitLab Importer Affected by VCID-xvc2-dez9-byey https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2022-0691.yml 38.6.0
2026-06-12T18:00:17.690301+00:00 GitLab Importer Affected by VCID-bs8v-khzf-9qad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2022-0686.yml 38.6.0
2026-06-12T18:00:14.234409+00:00 GitLab Importer Affected by VCID-x89h-pdw9-puas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2022-0639.yml 38.6.0
2026-06-12T17:59:55.374985+00:00 GitLab Importer Affected by VCID-7kvx-pymh-7kch https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2022-0512.yml 38.6.0
2026-06-12T17:55:00.188663+00:00 GitLab Importer Affected by VCID-77sm-xs3z-2fba https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2020-8124.yml 38.6.0
2026-06-12T17:45:00.834383+00:00 GitLab Importer Affected by VCID-7k2e-h442-budm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2021-3664.yml 38.6.0
2026-06-12T17:38:43.646558+00:00 GitLab Importer Affected by VCID-hwa6-jjmj-rud5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2021-27515.yml 38.6.0
2026-06-12T17:03:16.994751+00:00 GitLab Importer Affected by VCID-gzng-b4gs-xfhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/url-parse/CVE-2018-3774.yml 38.6.0