CVE-2022-38900
Summary
| CVE | CVE-2022-38900 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-11-28 13:15:00 UTC |
|---|
| Updated | 2023-11-07 03:50:00 UTC |
|---|
| Description | decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 38 Update: yarnpkg-1.22.19-5.fc38 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 36 Update: yarnpkg-1.22.19-5.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 37 Update: yarnpkg-1.22.19-5.fc37 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 38 Update: yarnpkg-1.22.19-5.fc38 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 38 Update: pcs-0.11.6-1.fc38 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 36 Update: yarnpkg-1.22.19-5.fc36 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 38 Update: pcs-0.11.6-1.fc38 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| TypeError: decodeComponents(...).join is not a function · Issue #345 · sindresorhus/query-string · GitHub |
MISC |
github.com |
|
| [SECURITY] Fedora 37 Update: pcs-0.11.6-1.fc37 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 37 Update: yarnpkg-1.22.19-5.fc37 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| TypeError: decodeComponents(...).join is not a function · Issue #5 · SamVerschueren/decode-uri-component · GitHub |
MISC |
github.com |
|
| [SECURITY] Fedora 37 Update: pcs-0.11.6-1.fc37 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160547 Oracle Enterprise Linux Security Update for nodejs:14 (ELSA-2023-1743)
- 161086 Oracle Enterprise Linux Security Update for pcs (ELSA-2023-6316)
- 241304 Red Hat Update for nodejs:14 security (RHSA-2023:1533)
- 241341 Red Hat Update for nodejs:14 security (RHSA-2023:1742)
- 241342 Red Hat Update for nodejs:14 security (RHSA-2023:1743)
- 241343 Red Hat Update for rh-nodejs14-nodejs security (RHSA-2023:1744)
- 242353 Red Hat Update for pcs security (RHSA-2023:6316)
- 283828 Fedora Security Update for yarnpkg (FEDORA-2023-86d75130fe)
- 283829 Fedora Security Update for yarnpkg (FEDORA-2023-a4f0b29f6c)
- 284048 Fedora Security Update for pcs (FEDORA-2023-e4cb7a5bda)
- 284121 Fedora Security Update for pcs (FEDORA-2023-ae96dd6105)
- 284122 Fedora Security Update for pcs (FEDORA-2023-b86fd9ad80)
- 284231 Fedora Security Update for yarnpkg (FEDORA-2023-2e38c3756f)
- 378467 Alibaba Cloud Linux Security Update for nodejs:14 (ALINUX3-SA-2023:0037)
- 378599 Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)
- 378883 Splunk Enterprise August Third Party Package Updates (SVD-2023-0808)
- 940979 AlmaLinux Security Update for nodejs:14 (ALSA-2023:1743)
- 941414 AlmaLinux Security Update for pcs (ALSA-2023:6316)
- 960917 Rocky Linux Security Update for nodejs:14 (RLSA-2023:1743)
