This PR contains the following updates:
1.19.2 -> 1.19.9
By merging this PR, the below vulnerabilities will be automatically resolved:
Release Notes
medialize/URI.js

v1.19.9
- `URI.parse()` handle leading whitespace - disclosed by p0cas via https://huntr.dev/

v1.19.8
- `URI.parse()` treat scheme case-insensitive when handling excessive slashes and backslashes - PR #412 by r0hanSH

v1.19.7
- `URI.parseQuery()` to prevent overwriting `__proto__` in parseQuery() - disclosed privately by @NewEraCracker
- `URI.parse()` to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/

v1.19.6
- `URI.parse()` to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx

v1.19.5

v1.19.4
- `URI.parseAuthority()` to rewrite `\` to `/` as Node and Browsers do - followed up to by alesandroortiz in PR #403, relates to Issue #233

v1.19.3
- `URI.parseAuthority()` to rewrite `\` to `/` as Node and Browsers do - disclosed privately by alesandroortiz, relates to Issue #233