Lucene search
K

4 matches found

Cvelist
Cvelist
added 2022/12/21 1:21 a.m.33 views

CVE-2022-25940 Denial of Service (DoS)

All versions of package lite-server are vulnerable to Denial of Service DoS when an attacker sends an HTTP request and includes control characters that the decodeURI function is unable to parse...

7.5CVSS7.7AI score0.01155EPSS
Exploits1References3
CVE
CVE
added 2022/12/21 1:21 a.m.78 views

CVE-2022-25940

CVE-2022-25940 affects lite-server (all versions) with a DoS condition caused by HTTP requests containing control characters that decodeURI() cannot parse. This leads to an availability impact (DoS) as described in multiple sources; CVSS v3.1 base score 7.5 (HIGH) in NVD/Snyk records. A remediati...

7.5CVSS7.5AI score0.01155EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/12/20 6:30 a.m.5 views

2cs (=1.0.0), @abhishekgaps1/ts-2 (>=1.0.0 <=1.0.1) +74 more potentially affected by CVE-2022-25940 via lite-server (>=1.3.4 <=2.6.1)

lite-server NPM version =1.3.4, =1.0.0, =2.21.0, =0.0.8, =1.2.3, =1.0.48, =1.2.0, =0.1.0, =0.0.2, =1.0.0, =0.2.0, =0.2.3 - angular-two =1.0.0 - angular2-flash-message =0.0.4 and more Source cves: CVE-2022-25940 Source advisory: OSV:GHSA-89W7-5Q45-R53W...

7.5CVSS7AI score0.01155EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/12/05 1:33 p.m.5 views

2cs (=1.0.0), @abhishekgaps1/ts-2 (>=1.0.0 <=1.0.1) +74 more potentially affected by CVE-2022-25940 via lite-server (>=1.3.4 <=2.6.1)

lite-server NPM version =1.3.4, =1.0.0, =2.21.0, =0.0.8, =1.2.3, =1.0.48, =1.2.0, =0.1.0, =0.0.2, =1.0.0, =0.2.0, =0.2.3 - angular-two =1.0.0 - angular2-flash-message =0.0.4 and more Source cves: CVE-2022-25940 Source advisory: SNYK:JS-LITESERVER-3153540...

7.5CVSS7AI score0.01155EPSS
Exploits1
Rows per page
Query Builder