120 matches found
CVE-2024-45590
A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...
AZL-49149 CVE-2024-45590 affecting package js-jquery 3.5.0-4
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
DEBIAN-CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
AZL-49097 CVE-2024-45590 affecting package js-jquery 3.5.0-4
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
AZL-49126 CVE-2024-45590 affecting package reaper for versions less than 3.1.1-13
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
AZL-49071 CVE-2024-45590 affecting package python-tensorboard for versions less than 2.16.2-5
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
UBUNTU-CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in...
01-numacert (>=1.0.0 <=3.0.0), 10by10-react-app (=1.2.1) +16010 more potentially affected by CVE-2024-45590 via body-parser (>=1.0.0 <=1.20.2)
body-parser NPM version =1.0.0, =1.0.0, =0.2.0, =1.0.2, =2.0.0, =0.2.0, =0.2.0, =0.0.28, =0.0.1, =1.0.8, =1.0.15 and more Source cves: CVE-2024-45590 Source advisory: OSV:GHSA-QWCR-R2FM-QRC7...
GHSA-QWCR-R2FM-QRC7 body-parser vulnerable to denial of service when url encoding is enabled
Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...
body-parser vulnerable to denial of service when url encoding is enabled
Impact body-parser 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. Patches this issue is patched in 1.20.3 References...
PT-2024-31693
Name of the Vulnerable Software and Affected Versions: body-parser versions prior to 1.20.3 Description: The issue concerns a denial of service vulnerability when URL encoding is enabled. A malicious actor can use a specially crafted payload to flood the server with a large number of requests,...
body-parser 安全漏洞
body-parser is a Node.js parsing middleware open source by expressjs. A security vulnerability exists in body-parser versions prior to 1.20.3, which is rooted in a susceptibility to a denial of service attack, where an attacker can cause a denial of service by sending a large number of requests t...
Denial Of Service (DoS)
starlite is vulnerable to Denial of Service DoS attacks. A malicious user is able to consume a large amount of CPU time and RAM because the multipart body parser accepts an unlimited number of file parts and field parts, which can cause the application to crash...
GHSA-P24M-863F-FM6Q Denial of service vulnerability when parsing multipart request body
Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...
GHSA-HPP2-2CR5-PF6G Denial of service due to unlimited number of parts
Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...
Denial of service due to unlimited number of parts
Impact The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...