Vulnerabilities

 1 via 2 paths

Dependencies

 89

Source

 GitHub

Commit

 091fac21

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity
new

Improper Validation of Specified Type of Input

  • Vulnerable module: validator
  • Introduced through: @terrestris/base-util@3.0.0 and @terrestris/react-util@12.1.1

Detailed paths

  • Introduced through: @terrestris/react-geo@terrestris/react-geo#091fac21fd09a234ecb08fb19a685abfb7ffc2f7 @terrestris/base-util@3.0.0 validator@13.15.15
  • Introduced through: @terrestris/react-geo@terrestris/react-geo#091fac21fd09a234ecb08fb19a685abfb7ffc2f7 @terrestris/react-util@12.1.1 @terrestris/base-util@3.0.0 validator@13.15.15

Overview

validator is a library of string validators and sanitizers.

Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input. The isURL() function in the validator module parses and validates protocols in URLs using the following method

Remediation

A fix was pushed into the master branch but not yet published.

References

Improper Validation of Specified Type of Input vulnerability report