Описание
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Ссылки
- ExploitThird Party Advisory
- Broken Link
- Third Party Advisory
- ExploitThird Party Advisory
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:lite-web-server_project:lite-web-server:-:*:*:*:*:node.js:*:*
EPSS
Процентиль: 28%
0.00101
Низкий
7.5 High
CVSS3
Дефекты
CWE-400
CWE-400
CWE-400
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
Denial of Service vulnerability in lite-web-server
EPSS
Процентиль: 28%
0.00101
Низкий
7.5 High
CVSS3
Дефекты
CWE-400
CWE-400
CWE-400