CVE-2018-3774

Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.

Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.

Versions of `url-parse` before 1.4.3 returns the wrong hostname which could lead to Open Redirect, Server Side Request Forgery (SSRF), or Bypass Authentication Protocol vulnerabilities. ## Recommendation Update to version 1.4.3 or later.

Versions of `url-parse` before 1.4.3 returns the wrong hostname which could lead to Open Redirect, Server Side Request Forgery (SSRF), or Bypass Authentication Protocol vulnerabilities. ## Recommendation Update to version 1.4.3 or later.

Análisis incorrecto en url-parse en versiones anteriores a la 1.4.3 devuelve el nombre de host erróneo, lo que conduce a múltiples vulnerabilidades como Server-Side Request Forgery (SSRF), redirección abierta u omisión del protocolo de autenticación.