{"source":1120080,"name":"turbo-stream","dependency":"turbo-stream","title":"React Router vulnerable to Denial of Service via reflected user input in single-fetch","url":"https://github.com/advisories/GHSA-rxv8-25v2-qmq8","severity":"high","versions":["0.0.1","0.0.2","0.0.3","0.0.4","0.0.5","0.0.6","0.0.7","0.0.8","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.1.0","1.1.1","1.2.0","1.2.1","2.0.0","2.0.1","2.1.0","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.4.0","2.4.1","3.0.0","3.0.1","3.1.0","3.2.0"],"vulnerableVersions":["0.0.1","0.0.2","0.0.3","0.0.4","0.0.5","0.0.6","0.0.7","0.0.8","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.1.0","1.1.1","1.2.0","1.2.1","2.0.0","2.0.1","2.1.0","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.4.0","2.4.1"],"cwe":["CWE-770"],"cvss":{"score":7.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},"range":"<3.0.0","id":"YHDYX8uUXALeJdKj6MsmefFIitF0R+z6UG5Fn1ANmvDNXsTJWVfxKEsPKGgBGHfhWqn6dwjgd9q58zvEoF/YmQ=="}