dependency-check / dependency-check-sonar-plugin

Integrates Dependency-Check reports into SonarQube

False positive: NPM package ionicabizau/parse-url confused with parseurl #842

Closed jan316 closed 10 months ago

jan316 commented 1 year ago

https://community.sonarsource.com/t/false-positive-confusing-npm-packages-ionicabizau-parse-url-parseurl-1-3-3/97820

Filename: parseurl:1.3.3 | Reference: CVE-2022-2216 | CVSS Score: 9.8 | Category: CWE-918 | Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.

NPM package ionicabizau/parse-url is not parseurl.
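
The finding above pairs the scanned dependency `parseurl:1.3.3` with a CVE whose description names a different project, `ionicabizau/parse-url`. A defender triaging a Dependency-Check report can flag this kind of finding automatically by comparing the dependency's package name with the repository named in the CVE text. The script below is an added example written for this issue, not code from dependency-check or the SonarQube plugin; the report excerpt is constructed to mirror the finding quoted above, and the field names `dependencies`, `fileName`, `vulnerabilities`, `name` and `description` are assumed to follow Dependency-Check's JSON report layout.

```python
import json
import re

# Constructed excerpt shaped like a Dependency-Check JSON report (not a real report file).
# The first dependency reproduces the false positive from this issue; the second is the
# package the CVE actually describes; the third has no findings at all.
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {
            "fileName": "parseurl:1.3.3",
            "vulnerabilities": [{
                "name": "CVE-2022-2216",
                "cvssv3": {"baseScore": 9.8},
                "cwes": ["CWE-918"],
                "description": "Server-Side Request Forgery (SSRF) in GitHub repository "
                               "ionicabizau/parse-url prior to 7.0.0.",
            }],
        },
        {
            "fileName": "parse-url:6.0.0",
            "vulnerabilities": [{
                "name": "CVE-2022-2216",
                "cvssv3": {"baseScore": 9.8},
                "cwes": ["CWE-918"],
                "description": "Server-Side Request Forgery (SSRF) in GitHub repository "
                               "ionicabizau/parse-url prior to 7.0.0.",
            }],
        },
        {"fileName": "express:4.18.2", "vulnerabilities": []},
    ]
})

# Matches the "GitHub repository owner/name" phrasing used in many huntr-sourced CVE texts.
REPO_RE = re.compile(r"GitHub repository ([\w.-]+)/([\w.-]+)")


def normalize(name: str) -> str:
    """Lower-case and strip separators so 'parse-url' and 'parseurl' collide on purpose."""
    return re.sub(r"[^a-z0-9]", "", name.lower())


def package_name(file_name: str) -> str:
    """'parseurl:1.3.3' -> 'parseurl'; scoped '@scope/pkg:1.0.0' -> 'pkg'."""
    base = file_name.rsplit(":", 1)[0]
    return base.split("/")[-1]


def triage(report_json: str) -> list:
    """Return one verdict per (dependency, CVE) pair.

    verdict values:
      match                   CVE text names exactly the scanned package
      likely-name-confusion   names differ only by separators/case (this issue's case)
      review                  CVE text names another project or no repository at all
    """
    report = json.loads(report_json)
    findings = []
    for dep in report.get("dependencies", []):
        pkg = package_name(dep["fileName"])
        for vuln in dep.get("vulnerabilities", []):
            m = REPO_RE.search(vuln.get("description", ""))
            repo = m.group(2) if m else None
            if repo is None:
                verdict = "review"
            elif repo == pkg:
                verdict = "match"
            elif normalize(repo) == normalize(pkg):
                verdict = "likely-name-confusion"
            else:
                verdict = "review"
            findings.append({
                "fileName": dep["fileName"],
                "cve": vuln.get("name"),
                "repo_in_description": repo,
                "verdict": verdict,
            })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f"{f['fileName']:<18} {f['cve']:<15} {f['verdict']}")
```

Findings marked `likely-name-confusion` are candidates for a Dependency-Check suppression entry rather than a SonarQube quality-gate failure; the exact-match case stays a real finding, and everything else is left for a human to read the advisory.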

Reamer commented 1 year ago

This plugin only analyzes the report. The report seems to be wrong already, please contact the dependency-check plugin.

github-actions[bot] commented 10 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days.