CVE-2023-26104
on github
Published
Severity
CVSS v3:
7.5 HIGH
CVSS v2:
N/A
Description
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:lite-web-server_project:lite-web-server:-:*:*:*:*:node.js:*:* | n/a | n/a | - |