CVE-2022-25940: lite-server vulnerable to Denial of Service
All versions of package lite-server is vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
References
Detect and mitigate CVE-2022-25940 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →