A vulnerability was found in nodejs-url-parse where url-parse is vulnerable to URL Redirection to Untrusted Site.
Upstream fix: https://github.com/unshiftio/url-parse/pull/208
This vulnerability is exactly like CVE-2021-27515.
The fix looks like a incomplete fix for CVE-2021-27515 (https://github.com/unshiftio/url-parse/pull/197/files).
This is only pulled in by default with the webpack-dev-server. We don't actually use the url-parse package in our application. Is there anything else we need to do with this?