Closed jan316 closed 10 months ago
This plugin only analyzes the report. The report seems to be wrong already, please contact the dependency-check plugin.
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days.
https://community.sonarsource.com/t/false-positive-confusing-npm-packages-ionicabizau-parse-url-parseurl-1-3-3/97820
Filename: parseurl:1.3.3 | Reference: CVE-2022-2216 | CVSS Score: 9.8 | Category: CWE-918 | Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.
NPM package ionicabizau/parse-url is not parseurl.