Lucene search
K

120 matches found

RedhatCVE
RedhatCVE
added 2024/09/10 5:43 p.m.36 views

CVE-2024-45590

A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...

7.5CVSS7.1AI score0.00824EPSS
Exploits1References5
OSV
OSV
added 2024/09/10 4:15 p.m.8 views

AZL-49149 CVE-2024-45590 affecting package js-jquery 3.5.0-4

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7AI score0.00824EPSS
Exploits1References1
OSV
OSV
added 2024/09/10 4:15 p.m.5 views

DEBIAN-CVE-2024-45590

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS8.1AI score0.00824EPSS
Exploits1References1
OSV
OSV
added 2024/09/10 4:15 p.m.5 views

AZL-49097 CVE-2024-45590 affecting package js-jquery 3.5.0-4

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7AI score0.00824EPSS
Exploits1References1
NVD
NVD
added 2024/09/10 4:15 p.m.41 views

CVE-2024-45590

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS0.00824EPSS
Exploits1References2
OSV
OSV
added 2024/09/10 4:15 p.m.7 views

AZL-49126 CVE-2024-45590 affecting package reaper for versions less than 3.1.1-13

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7AI score0.00824EPSS
Exploits1References1
OSV
OSV
added 2024/09/10 4:15 p.m.7 views

AZL-49071 CVE-2024-45590 affecting package python-tensorboard for versions less than 2.16.2-5

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7AI score0.00824EPSS
Exploits1References1
OSV
OSV
added 2024/09/10 4:15 p.m.3 views

UBUNTU-CVE-2024-45590

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7AI score0.00824EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/09/10 3:54 p.m.37 views

CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS0.00824EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/09/10 3:54 p.m.71 views

CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS7.2AI score0.00824EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/09/10 3:54 p.m.27 views

CVE-2024-45590

body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...

7.5CVSS8.1AI score0.00824EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/09/10 3:52 p.m.8 views

01-numacert (>=1.0.0 <=3.0.0), 10by10-react-app (=1.2.1) +16010 more potentially affected by CVE-2024-45590 via body-parser (>=1.0.0 <=1.20.2)

body-parser NPM version =1.0.0, =1.0.0, =0.2.0, =1.0.2, =2.0.0, =0.2.0, =0.2.0, =0.0.28, =0.0.1, =1.0.8, =1.0.15 and more Source cves: CVE-2024-45590 Source advisory: OSV:GHSA-QWCR-R2FM-QRC7...

7.5CVSS7.1AI score0.00824EPSS
Exploits1
OSV
OSV
added 2024/09/10 3:52 p.m.4 views

GHSA-QWCR-R2FM-QRC7 body-parser vulnerable to denial of service when url encoding is enabled

Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...

8.7CVSS6.9AI score0.00824EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2024/09/10 3:52 p.m.207 views

body-parser vulnerable to denial of service when url encoding is enabled

Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...

7.5CVSS6.5AI score0.00824EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.7 views

PT-2024-31693

Name of the Vulnerable Software and Affected Versions: body-parser versions prior to 1.20.3 Description: The issue concerns a denial of service vulnerability when URL encoding is enabled. A malicious actor can use a specially crafted payload to flood the server with a large number of requests,...

8.7CVSS7.9AI score0.00824EPSS
Exploits1References23
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.8 views

body-parser 安全漏洞

body-parser is a Node.js parsing middleware open source by expressjs. A security vulnerability exists in body-parser versions prior to 1.20.3, which is rooted in a susceptibility to a denial of service attack, where an attacker can cause a denial of service by sending a large number of requests t...

7.5CVSS7.5AI score0.00824EPSS
Exploits1References4
Veracode
Veracode
added 2023/02/17 9:8 a.m.17 views

Denial Of Service (DoS)

starlite is vulnerable to Denial of Service DoS attacks. A malicious user is able to consume a large amount of CPU time and RAM because the multipart body parser accepts an unlimited number of file parts and field parts, which can cause the application to crash...

7.5CVSS7.2AI score0.01004EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/02/15 5:42 p.m.67 views

GHSA-P24M-863F-FM6Q Denial of service vulnerability when parsing multipart request body

Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...

8.7CVSS7.4AI score0.01004EPSS
Exploits2References6
OSV
OSV
added 2023/02/14 9:49 p.m.17 views

GHSA-HPP2-2CR5-PF6G Denial of service due to unlimited number of parts

Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...

7.5CVSS7.4AI score0.01463EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2023/02/14 9:49 p.m.25 views

Denial of service due to unlimited number of parts

Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...

7.5CVSS7.2AI score0.01463EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder