FLAT-HDA7J – Vulnerability | Fluid Attacks Database

Database

Description

decode-uri-component vulnerable to Denial of Service (DoS) decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
npm	decode-uri-component	>=0 <0.2.1	0.2.1
rpm rhel6	firefox	-	-
rpm rhel8.4	nodejs	<1:14.21.3-1.module+el8.4.0+18317+43f5ac16	1:14.21.3-1.module+el8.4.0+18317+43f5ac16
rpm rhel8	389-ds-base	-	-
rpm rhel8	nodejs	<1:14.21.3-1.module+el8.7.0+18531+81d21ca6	1:14.21.3-1.module+el8.7.0+18531+81d21ca6
rpm rhel8.6	nodejs	<1:14.21.3-1.module+el8.6.0+18532+cbe6f646	1:14.21.3-1.module+el8.6.0+18532+cbe6f646
rpm rhel8	pcs	-	-
rpm rhel9	pcs	<0:0.11.6-3.el9	0:0.11.6-3.el9

Aliases

1. CVE-2022-389002. NVD-2022-389003. OSV-2022-389004. GCVE-2022-38900

References

1. https://github.com/SamVerschueren/decode-uri-component/issues/52. https://github.com/sindresorhus/query-string/issues/3453. https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b94. https://github.com/SamVerschueren/decode-uri-component/releases/tag/v0.2.15. https://lists.fedoraproject.org/archives/list/[email protected]/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM6. https://lists.fedoraproject.org/archives/list/[email protected]/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH3757. https://lists.fedoraproject.org/archives/list/[email protected]/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D8. https://lists.fedoraproject.org/archives/list/[email protected]/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I59. https://lists.fedoraproject.org/archives/list/[email protected]/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU