6 matches found
decode-uri-component: decode-uri-component: Denial of Service via crafted input
A flaw was found in the decode-uri-component library. This vulnerability allows a remote attacker to trigger a Denial of Service DoS by submitting specially crafted input. The decode function, when processing a large number of encoded URI components, consumes excessive CPU resources, which can le...
UBUNTU-CVE-2026-45822
decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...
CVE-2026-45822
CVE-2026-45822 – decode-uri-component : The connected records specify that the npm package decode-uri-component (versions up to 0.4.1) is vulnerable. The vulnerability lies in the decode() function, which splits input on '%' and then calls decodeComponents(), producing super-linear parsing time. ...
PT-2023-17809 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: A heap buffer overflow in the ih264e init proc ctxt function of ih264e process.c could lead to a possible out of bounds read, resulting in local information disclosure. This issue does...
AZL-44976 CVE-2022-38900 affecting package js-jquery 3.5.0-4
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS...
The vulnerability of the TiffDecode.c component in the Pillow image processing library, related to out-of-buffer writing, allows a hacker to cause a service failure.
The vulnerability of the TiffDecode.c component in the Pillow image processing library is related to the lack of memory checks during reading operations. Exploiting this vulnerability could allow an attacker to cause a service failure...