4 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.17.0 release
Red Hat OpenShift Dev Spaces 3.17 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. This includes fixes to Critical CVE-2024-21534. Following the Red Hat Product Security standards this update is rated as having a security impact of...
CVE-2024-45813 ReDoS vulnerability in multiparametric routes in find-my-way
find-my-way is a fast, open source HTTP router, internally using a Radix Tree aka compact Prefix Tree, supports route params, wildcards, and it's framework independent. A bad regular expression is generated any time one has two parameters within a single segment, when adding a - at the end, like...
CVE-2024-45813
CVE-2024-45813 affects the find-my-way HTTP router. A bad regular expression is generated when two parameters exist within a single segment, notably with a trailing dash (e.g., ":/a-:b-"). This can lead to a Denial of Service in some cases. Affected versions require upgrade to find-my-way v8.2.2 ...
@667/restify (=9.0.0-1), @aeppic/install-build-server (>=2.0.0 <=2.44.0) +938 more potentially affected by CVE-2024-45813 via find-my-way (>=5.6.0 <=8.2.0)
find-my-way NPM version =5.6.0, =2.0.0, =3.0.0, =1.0.1, =1.0.0, =2.0.0, =0.0.0-dev.1739244769735, =0.0.0-dev.1739244769735, =2.0.0, =0.0.0-dev.1757040677030, =0.0.0-dev.1739244769735, =0.0.1, =1.6.0, =1.3.1, =3.0.7 and more Source cves: CVE-2024-45813 Source advisory: OSV:GHSA-RRR8-F88R-H8Q6...