GHSA-89w7-5q45-r53w

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/12/GHSA-89w7-5q45-r53w/GHSA-89w7-5q45-r53w.json
Aliases
  • CVE-2022-25940
Published
2022-12-20T06:30:36Z
Modified
2023-03-15T05:51:05.201412Z
Details

All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.

References

Affected packages

npm / lite-server

lite-server

Affected ranges

Type
SEMVER
Events
Introduced
0

Affected versions

Database specific

{
    "last_known_affected_version_range": "<= 2.6.1"
}

Maven / org.webjars.npm:lite-server

org.webjars.npm:lite-server

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0

Affected versions

1.*

1.3.4

2.*

2.0.0
2.0.1
2.1.0
2.2.0

Database specific

{
    "last_known_affected_version_range": "<= 2.2.0"
}