4 matches found
CVE-2022-25940 Denial of Service (DoS)
All versions of package lite-server are vulnerable to Denial of Service DoS when an attacker sends an HTTP request and includes control characters that the decodeURI function is unable to parse...
CVE-2022-25940
CVE-2022-25940 affects lite-server (all versions) with a DoS condition caused by HTTP requests containing control characters that decodeURI() cannot parse. This leads to an availability impact (DoS) as described in multiple sources; CVSS v3.1 base score 7.5 (HIGH) in NVD/Snyk records. A remediati...
2cs (=1.0.0), @abhishekgaps1/ts-2 (>=1.0.0 <=1.0.1) +74 more potentially affected by CVE-2022-25940 via lite-server (>=1.3.4 <=2.6.1)
lite-server NPM version =1.3.4, =1.0.0, =2.21.0, =0.0.8, =1.2.3, =1.0.48, =1.2.0, =0.1.0, =0.0.2, =1.0.0, =0.2.0, =0.2.3 - angular-two =1.0.0 - angular2-flash-message =0.0.4 and more Source cves: CVE-2022-25940 Source advisory: OSV:GHSA-89W7-5Q45-R53W...
2cs (=1.0.0), @abhishekgaps1/ts-2 (>=1.0.0 <=1.0.1) +74 more potentially affected by CVE-2022-25940 via lite-server (>=1.3.4 <=2.6.1)
lite-server NPM version =1.3.4, =1.0.0, =2.21.0, =0.0.8, =1.2.3, =1.0.48, =1.2.0, =0.1.0, =0.0.2, =1.0.0, =0.2.0, =0.2.3 - angular-two =1.0.0 - angular2-flash-message =0.0.4 and more Source cves: CVE-2022-25940 Source advisory: SNYK:JS-LITESERVER-3153540...