Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38282
HistoryNov 29, 2022 - 2:52 a.m.

Denial Of Service (DoS)

2022-11-2902:52:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
66

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

43.8%

JSON

decode-uri-component is vulnerable to Denial Of Service (DoS). A remote attacker is able to cause denial of service conditions via sending a malicious payload through the decode function in index.js due to improper input validation.

References

Related

nessus 17
fedora 5
redhatcve 1
redhat 8
almalinux 2
oraclelinux 2
openvas 6
osv 6
ibm 15
cve 2
prion 2
github 1
rocky 1
nessus
nessus
Fedora 37 : pcs (2023-ae96dd6105)
2023-07-01 00:00:00
RHEL 9 : pcs (RHSA-2023:6316)
2023-11-07 00:00:00
Oracle Linux 9 : pcs / (LOW) (ELSA-2023-6316)
2023-11-16 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: pcs-0.11.6-1.fc37
2023-07-01 00:38:09
[SECURITY] Fedora 38 Update: pcs-0.11.6-1.fc38
2023-07-01 01:46:23
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-5.fc37
2023-03-30 01:21:37
redhatcve
redhatcve
CVE-2022-38900
2023-02-16 21:29:43
redhat
redhat
(RHSA-2023:6316) Low: pcs security, bug fix, and enhancement update
2023-11-07 06:01:53
(RHSA-2023:1744) Important: rh-nodejs14-nodejs security, bug fix, and enhancement update
2023-04-12 14:38:13
(RHSA-2023:1743) Important: nodejs:14 security, bug fix, and enhancement update
2023-04-12 14:37:46
almalinux
almalinux
Low: pcs security, bug fix, and enhancement update
2023-11-07 00:00:00
Important: nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
oraclelinux
oraclelinux
pcs
2023-11-12 00:00:00
nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
openvas
openvas
Fedora: Security Advisory for pcs (FEDORA-2023-b86fd9ad80)
2023-07-02 00:00:00
Fedora: Security Advisory for pcs (FEDORA-2023-ae96dd6105)
2023-07-02 00:00:00
Elastic Kibana 7.0.0 < 7.17.9, 8.0.0 < 8.6.1 DoS Vulnerability (ESA-2023-02)
2023-02-06 00:00:00
osv
osv
CVE-2022-38900
2022-11-28 13:15:10
Low: pcs security, bug fix, and enhancement update
2023-11-07 00:00:00
decode-uri-component vulnerable to Denial of Service (DoS)
2022-11-28 15:30:24
ibm
ibm
Security Bulletin: Vulnerability in nodejs decode-uri-component affect Cloud Pak System[CVE-2022-38900]
2024-01-03 18:17:39
Security Bulletin: decode-uri-component is vulnerable to CVE-2022-38900 used in IBM Maximo Application Suite
2023-04-05 20:33:59
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js decode-uri-component
2023-01-30 17:47:56
cve
cve
CVE-2022-38900
2022-11-28 13:15:00
CVE-2022-38778
2023-02-08 21:15:10
prion
prion
Input validation
2022-11-28 13:15:00
Design/Logic Flaw
2023-02-08 21:15:00
github
github
decode-uri-component vulnerable to Denial of Service (DoS)
2022-11-28 15:30:24
rocky
rocky
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

43.8%

JSON
Related for VERACODE:38282
nessus17fedora5redhatcve1redhat8almalinux2oraclelinux2openvas6osv6ibm15cve2prion2github1rocky1