High severityNVD Advisory· Published Nov 28, 2022· Updated Apr 25, 2025
CVE-2022-38900
CVE-2022-38900
Description
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
decode-uri-componentnpm | < 0.2.1 | 0.2.1 |
Affected products
11- decode-uri-component/decode-uri-componentdescription
- ghsa-coords10 versionspkg:npm/decode-uri-componentpkg:rpm/almalinux/nodejspkg:rpm/almalinux/nodejs-develpkg:rpm/almalinux/nodejs-docspkg:rpm/almalinux/nodejs-full-i18npkg:rpm/almalinux/nodejs-nodemonpkg:rpm/almalinux/nodejs-packagingpkg:rpm/almalinux/npmpkg:rpm/almalinux/pcspkg:rpm/almalinux/pcs-snmp
< 0.2.1+ 9 more
- (no CPE)range: < 0.2.1
- (no CPE)range: < 1:14.21.3-1.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 1:14.21.3-1.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 1:14.21.3-1.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 1:14.21.3-1.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 2.0.20-3.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 23-3.module_el8.4.0+2522+3bd42762
- (no CPE)range: < 1:6.14.18-1.14.21.3.1.module_el8.7.0+3551+53700ee8
- (no CPE)range: < 0.11.6-3.el9
- (no CPE)range: < 0.11.6-3.el9
Patches
Vulnerability mechanics
References
16- github.com/advisories/GHSA-w573-4hg7-7wgqghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/mitrevendor-advisory
- nvd.nist.gov/vuln/detail/CVE-2022-38900ghsaADVISORY
- github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9ghsaWEB
- github.com/SamVerschueren/decode-uri-component/issues/5ghsaWEB
- github.com/SamVerschueren/decode-uri-component/releases/tag/v0.2.1ghsaWEB
- github.com/sindresorhus/query-string/issues/345ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SMghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32DghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSUghsaWEB
News mentions
0No linked articles in our index yet.