lite-server is vulnerable to denial of service. The vulnerability is due to the decodeURI()
function which is unable to parse control characters allowing an attacker to cause an application crash via malicious HTTP request.
CPE | Name | Operator | Version |
---|---|---|---|
lite-server | le | 2.6.1 | |
lite-server | le | 2.2.0 | |
lite-server | le | 2.6.1 | |
lite-server | le | 2.2.0 |