Authorization Bypass Through User-Controlled Key in url-parse
Affected versions >=0 <1.5.8
Incorrect hostname / protocol due to unstripped leading control characters.
Affected versions >=0 <1.5.9
Authorization bypass in url-parse
Affected versions >=0 <1.5.6
Path traversal in url-parse
Affected versions >=0 <1.5.0
Open redirect in url-parse
Affected versions >=0 <1.5.2
Incorrect returned href via an '@' sign but no user info and hostname
Affected versions >=0 <1.5.7