114 matches found
AZL-49149 CVE-2024-45590 affecting package js-jquery 3.5.0-4
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
UBUNTU-CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
GHSA-QWCR-R2FM-QRC7 body-parser vulnerable to denial of service when url encoding is enabled
Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...
01-numacert (>=1.0.0 <=3.0.0), 10by10-react-app (=1.2.1) +16037 more potentially affected by CVE-2024-45590 via body-parser (>=1.0.0 <=1.20.2)
body-parser NPM version =1.0.0, =1.0.0, =0.2.0, =1.0.2, =2.0.0, =0.2.0, =0.2.0, =0.0.28, =0.0.1, =1.0.8, =1.0.15 and more Source cves: CVE-2024-45590 Source advisory: OSV:GHSA-QWCR-R2FM-QRC7...
body-parser vulnerable to denial of service when url encoding is enabled
Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...
body-parser 安全漏洞
body-parser is a Node.js parsing middleware open source by expressjs. A security vulnerability exists in body-parser versions prior to 1.20.3, which is rooted in a susceptibility to a denial of service attack, where an attacker can cause a denial of service by sending a large number of requests t...
PT-2024-31693
Name of the Vulnerable Software and Affected Versions: body-parser versions prior to 1.20.3 Description: The issue concerns a denial of service vulnerability when URL encoding is enabled. A malicious actor can use a specially crafted payload to flood the server with a large number of requests,...
Denial Of Service (DoS)
starlite is vulnerable to Denial of Service DoS attacks. A malicious user is able to consume a large amount of CPU time and RAM because the multipart body parser accepts an unlimited number of file parts and field parts, which can cause the application to crash...
GHSA-P24M-863F-FM6Q Denial of service vulnerability when parsing multipart request body
Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...
GHSA-HPP2-2CR5-PF6G Denial of service due to unlimited number of parts
Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...
Denial of service due to unlimited number of parts
Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...
Design/Logic Flaw
Play Framework is a web framework for Java and Scala. A denial of service vulnerability has been discovered in verions 2.8.3 through 2.8.15 of Play's forms library, in both the Scala and Java APIs. This can occur when using either the FormbindFromRequest method on a JSON request body or the...
CVE-2022-31018 Denial of service binding form from JSON in Play Framework
Play Framework is a web framework for Java and Scala. A denial of service vulnerability has been discovered in verions 2.8.3 through 2.8.15 of Play's forms library, in both the Scala and Java APIs. This can occur when using either the FormbindFromRequest method on a JSON request body or the...
body-parser-xml code issue vulnerability
body-parser-xml is an XML body parser that converts incoming XML data into a JSON representation. a code issue vulnerability exists in body-parser-xml, which stems from an error in the product's implementation of certain functionality. No details of the vulnerability are currently available...
@hosoft/restful-api-framework (>=1.0.1 <=1.5.3), @iamkenos/fragile (>=0.1.1 <=0.1.5) +28 more potentially affected by CVE-2021-3666 via body-parser-xml (>=1.1.0 <=2.0.1)
body-parser-xml NPM version =1.1.0, =1.0.1, =0.1.1, =1.229.0, =0.0.8, =0.1.0, =0.1.4, =0.1.0, =0.8.2-alpha.2, =0.0.10, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0 - hubot-wework =0.1.0 and more Source cves: CVE-2021-3666 Source advisory: OSV:GHSA-2GHC-6V89-PW9J...
GHSA-2GHC-6V89-PW9J body-parser-xml vulnerable to Prototype Pollution
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
body-parser-xml vulnerable to Prototype Pollution
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...