Vulnerabilities

All ecosystems 601914 AlmaLinux 4573 Alpaquita 8624 Alpine 4026 Android 3259 BellSoft Hardened Containers 399 Bitnami 6765 Chainguard 5351 CleanStart 647 CRAN 14 crates.io 2158 Debian 53780 Echo 3084 GHC 3 GIT 81407 GitHub Actions 48 Go 6377 Hackage 29 Hex 57 Julia 387 Linux 15361 Mageia 5851 Maven 6251 MinimOS 18655 npm 216795 NuGet 1620 opam 11 openEuler 6219 openSUSE 12318 OSS-Fuzz 3811 Packagist 5958 Pub 11 PyPI 18400 Red Hat 18999 Rocky Linux 2826 Root 11362 RubyGems 1919 SUSE 20062 SwiftURL 50 Ubuntu 51056 VSCode 18 Wolfi 3373

GHSA-x39x-9qw5-ghrf

PyPI/browser-use

Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL

05 May 2025

Fix available
Severity - 9.3 (Critical)