body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.
Metrics
Affected Vendors & Products
References
History
Tue, 10 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Tue, 10 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Expressjs
Expressjs body-parser |
|
CPEs | cpe:2.3:a:expressjs:body-parser:*:*:*:*:*:*:*:* | |
Vendors & Products |
Expressjs
Expressjs body-parser |
|
Metrics |
ssvc
|
Tue, 10 Sep 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3. | |
Title | body-parser vulnerable to denial of service when url encoding is enabled | |
Weaknesses | CWE-405 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-09-10T15:54:02.330Z
Updated: 2024-09-10T18:47:22.965Z
Reserved: 2024-09-02T16:00:02.422Z
Link: CVE-2024-45590
Vulnrichment
Updated: 2024-09-10T18:45:10.928Z
NVD
Status : Awaiting Analysis
Published: 2024-09-10T16:15:21.083
Modified: 2024-09-10T17:43:14.410
Link: CVE-2024-45590
Redhat