uri-js vulnerabilities

An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.

latest version

4.4.1
latest non vulnerable version

4.4.1
first published

12 years ago
latest version published

3 years ago
licenses detected
- Apache-2.0
  >=1.4.0 <2.0.0
- BSD-2-Clause
  >=2.0.0
View uri-js package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the uri-js package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Regular Expression Denial of Service (ReDoS)	<3.0.0
H Regular Expression Denial of Service (ReDoS)	<3.0.0

Package versions

1 - 14 of 14 Results

version	published	direct vulnerabilities
4.4.1	10 Jan, 2021	0 C 0 H 0 M 0 L
4.4.0	30 Aug, 2020	0 C 0 H 0 M 0 L
4.3.0	30 Aug, 2020	0 C 0 H 0 M 0 L
4.2.2	25 May, 2018	0 C 0 H 0 M 0 L
4.2.1	11 Apr, 2018	0 C 0 H 0 M 0 L
4.2.0	1 Apr, 2018	0 C 0 H 0 M 0 L
3.0.2	28 Mar, 2017	0 C 0 H 0 M 0 L
3.0.1	27 Mar, 2017	0 C 0 H 0 M 0 L
3.0.0	24 Mar, 2017	0 C 0 H 0 M 0 L
2.1.1	8 Jul, 2015	0 C 2 H 0 M 0 L
2.1.0	8 Jun, 2015	0 C 2 H 0 M 0 L
2.0.0	4 Jun, 2015	0 C 2 H 0 M 0 L
1.4.2	24 May, 2012	0 C 2 H 0 M 0 L
1.4.0	13 Mar, 2012	0 C 2 H 0 M 0 L