CVE-2023-26104
7.5HIGHAll versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to
게시됨: 2/25/2023업데이트됨: 3/11/2025
설명
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
AI 분석AI 기반
영향받는 제품
lite-web-server_projectlite-web-server
-
참조
- https://gist.github.com/lirantal/637520812da06fffb91dd86d02ff6bdeExploitThird Party Advisory
- https://github.com/chasyumen/lite-web-server/blob/main/src/WebServer.js%23L274Broken Link
- https://security.snyk.io/vuln/SNYK-JS-LITEWEBSERVER-3153703Third Party Advisory
- https://gist.github.com/lirantal/637520812da06fffb91dd86d02ff6bdeExploitThird Party Advisory
- https://github.com/chasyumen/lite-web-server/blob/main/src/WebServer.js%23L274Broken Link
- https://security.snyk.io/vuln/SNYK-JS-LITEWEBSERVER-3153703Third Party Advisory