{"source":1109241,"name":"validator","dependency":"validator","title":"validator.js has a URL validation bypass vulnerability in its isURL function","url":"https://github.com/advisories/GHSA-9965-vmph-33xx","severity":"moderate","versions":["0.1.0","0.1.1","0.1.2","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","0.2.7","0.2.8","0.2.9","0.3.0","0.3.1","0.3.2","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4.0","0.4.1","0.4.2","0.4.3","0.4.4","0.4.5","0.4.6-1","0.4.6-2","0.4.6-3","0.4.6","0.4.7","0.4.8","0.4.9","0.4.10","0.4.11","0.4.12","0.4.13","0.4.15","0.4.16","0.4.17","0.4.18","0.4.19","0.4.20","0.4.21","0.4.22","0.4.23","0.4.24","0.4.25","0.4.27","0.4.28","0.5.0","1.0.0","1.1.0","1.1.1","1.1.2","1.1.3","1.2.0","1.2.1","1.2.2","1.3.0","1.4.0","1.5.0","1.5.1","2.0.0","2.1.0","3.0.0","3.1.0","3.2.0","3.2.1","3.3.0","3.4.0","3.5.0","3.5.1","3.6.0","3.7.0","3.8.0","3.9.0","3.10.0","3.11.0","3.11.1","3.11.2","3.12.0","3.13.0","3.14.0","3.14.1","3.15.0","3.16.0","3.16.1","3.17.0","3.17.1","3.17.2","3.18.0","3.18.1","3.19.0","3.19.1","3.20.0","3.21.0","3.22.0","3.22.1","3.22.2","3.23.0","3.24.0","3.25.0","3.26.0","3.27.0","3.28.0","3.29.0","3.30.0","3.32.0","3.33.0","3.34.0","3.35.0","3.36.0","3.37.0","3.38.0","3.39.0","3.40.0","3.40.1","3.41.0","3.41.1","3.41.2","3.41.3","3.42.0","3.43.0","4.0.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.1.0","4.2.0","4.2.1","4.3.0","4.4.0","4.5.0","4.5.1","4.5.2","4.6.0","4.6.1","4.7.0","4.7.1","4.8.0","4.9.0","5.0.0","5.1.0","5.2.0","5.3.0","5.4.0","5.5.0","5.6.0","5.7.0","6.0.0","6.1.0","6.2.0","6.2.1","6.3.0","7.0.0","7.1.0","7.2.0","8.0.0","8.1.0","8.2.0","9.0.0","9.1.0","9.1.1","9.1.2","9.2.0","9.3.0","9.4.0","9.4.1","10.0.0","10.1.0","10.2.0","10.3.0","10.4.0","10.5.0","10.6.0","10.7.0","10.7.1","10.8.0","10.9.0","10.10.0","10.11.0","11.0.0","11.1.0","12.0.0","12.1.0","12.2.0","13.0.0","13.1.0","13.1.1","13.1.17","13.5.0","13.5.1","13.5.2","13.6.0","13.7.0","13.9.0","13.11.0","13.12.0","13.15.0","13.15.15","13.15.20","13.15.22"],"vulnerableVersions":["0.1.0","0.1.1","0.1.2","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","0.2.7","0.2.8","0.2.9","0.3.0","0.3.1","0.3.2","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4.0","0.4.1","0.4.2","0.4.3","0.4.4","0.4.5","0.4.6-1","0.4.6-2","0.4.6-3","0.4.6","0.4.7","0.4.8","0.4.9","0.4.10","0.4.11","0.4.12","0.4.13","0.4.15","0.4.16","0.4.17","0.4.18","0.4.19","0.4.20","0.4.21","0.4.22","0.4.23","0.4.24","0.4.25","0.4.27","0.4.28","0.5.0","1.0.0","1.1.0","1.1.1","1.1.2","1.1.3","1.2.0","1.2.1","1.2.2","1.3.0","1.4.0","1.5.0","1.5.1","2.0.0","2.1.0","3.0.0","3.1.0","3.2.0","3.2.1","3.3.0","3.4.0","3.5.0","3.5.1","3.6.0","3.7.0","3.8.0","3.9.0","3.10.0","3.11.0","3.11.1","3.11.2","3.12.0","3.13.0","3.14.0","3.14.1","3.15.0","3.16.0","3.16.1","3.17.0","3.17.1","3.17.2","3.18.0","3.18.1","3.19.0","3.19.1","3.20.0","3.21.0","3.22.0","3.22.1","3.22.2","3.23.0","3.24.0","3.25.0","3.26.0","3.27.0","3.28.0","3.29.0","3.30.0","3.32.0","3.33.0","3.34.0","3.35.0","3.36.0","3.37.0","3.38.0","3.39.0","3.40.0","3.40.1","3.41.0","3.41.1","3.41.2","3.41.3","3.42.0","3.43.0","4.0.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.1.0","4.2.0","4.2.1","4.3.0","4.4.0","4.5.0","4.5.1","4.5.2","4.6.0","4.6.1","4.7.0","4.7.1","4.8.0","4.9.0","5.0.0","5.1.0","5.2.0","5.3.0","5.4.0","5.5.0","5.6.0","5.7.0","6.0.0","6.1.0","6.2.0","6.2.1","6.3.0","7.0.0","7.1.0","7.2.0","8.0.0","8.1.0","8.2.0","9.0.0","9.1.0","9.1.1","9.1.2","9.2.0","9.3.0","9.4.0","9.4.1","10.0.0","10.1.0","10.2.0","10.3.0","10.4.0","10.5.0","10.6.0","10.7.0","10.7.1","10.8.0","10.9.0","10.10.0","10.11.0","11.0.0","11.1.0","12.0.0","12.1.0","12.2.0","13.0.0","13.1.0","13.1.1","13.1.17","13.5.0","13.5.1","13.5.2","13.6.0","13.7.0","13.9.0","13.11.0","13.12.0","13.15.0","13.15.15"],"cwe":["CWE-79"],"cvss":{"score":6.1,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},"range":"<13.15.20","id":"IkyJOqfhkev0E9tRX4zbgkqtsxJX67cd4upO2f1EheDpncnx522qyf9oLyXwjDcWGeZOQHSqJUAh/kUyYH60qQ=="}