Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 4 days ago6 views

decode-uri-component: decode-uri-component: Denial of Service via crafted input

A flaw was found in the decode-uri-component library. This vulnerability allows a remote attacker to trigger a Denial of Service DoS by submitting specially crafted input. The decode function, when processing a large number of encoded URI components, consumes excessive CPU resources, which can le...

8.7CVSS6.1AI score0.00304EPSS
Exploits0References7
OSV
OSV
added 2026/06/30 9:16 a.m.3 views

UBUNTU-CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 8:5 a.m.26 views

CVE-2026-45822

CVE-2026-45822 – decode-uri-component : The connected records specify that the npm package decode-uri-component (versions up to 0.4.1) is vulnerable. The vulnerability lies in the decode() function, which splits input on '%' and then calls decodeComponents(), producing super-linear parsing time. ...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.6 views

PT-2023-17809 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: A heap buffer overflow in the ih264e init proc ctxt function of ih264e process.c could lead to a possible out of bounds read, resulting in local information disclosure. This issue does...

5.5CVSS5.9AI score0.00093EPSS
Exploits0References3
OSV
OSV
added 2022/11/28 1:15 p.m.9 views

AZL-44976 CVE-2022-38900 affecting package js-jquery 3.5.0-4

decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS...

7.5CVSS6.7AI score0.24928EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.6 views

The vulnerability of the TiffDecode.c component in the Pillow image processing library, related to out-of-buffer writing, allows a hacker to cause a service failure.

The vulnerability of the TiffDecode.c component in the Pillow image processing library is related to the lack of memory checks during reading operations. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.8AI score0.02372EPSS
Exploits0References10Affected Software4
Rows per page
Query Builder