Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.
{ "binaries": [ { "binary_version": "1.0.5-2ubuntu0.1~esm2", "binary_name": "node-url-parse" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_version": "1.2.0-1ubuntu0.1", "binary_name": "node-url-parse" } ], "availability": "No subscription required" }