GHSA-w573-4hg7-7wgq
- Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-w573-4hg7-7wgq/GHSA-w573-4hg7-7wgq.json
- Aliases
-
- CVE-2022-38900 ( ALSA-2023:1743, RLSA-2023:1743 )
- Published
- 2022-11-28T15:30:24Z
- Modified
- 2023-03-31T16:05:14Z
- Details
-
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.
- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2022-38900
- https://github.com/SamVerschueren/decode-uri-component/issues/5
- https://github.com/sindresorhus/query-string/issues/345
- https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9
- https://github.com/SamVerschueren/decode-uri-component
- https://github.com/SamVerschueren/decode-uri-component/releases/tag/v0.2.1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/