GHSA-984P-XQ9M-4RJW Rate Limiting Bypass in express-brute

All versions of express-brute are vulnerable to Rate Limiting Bypass. Concurrent requests may lead to race conditions that cause the package to incorrectly count requests. This may allow an attacker to bypass the rate limiting provided by the package and execute requests without limiting...

7ghost (>=4.11.0 <=4.11.46), @agneta/platform (>=0.16.9 <=0.17.0) +75 more potentially affected by unknown CVE via express-brute (>=0.4.2 <=1.0.1)

express-brute NPM version =0.4.2, =4.11.0, =0.16.9, =0.0.2, =3.1.0, =0.0.1, =0.0.2, =1.0.0-0, =1.3.3, =1.0.0, =1.1.0, =3.41.6, =1.0.1, =3.0.16-soul - @nadyashakhat/ghost =4.17.1 - @patrick91/ghost =5.2.3-patrick.1 - @phacce/ms-app =0.1.0 and more Source cves: unknown CVE Source advisory:...

Rate Limiting Bypass in express-brute

All versions of express-brute are vulnerable to Rate Limiting Bypass. Concurrent requests may lead to race conditions that cause the package to incorrectly count requests. This may allow an attacker to bypass the rate limiting provided by the package and execute requests without limiting...

Rate Limiting Bypass

Overview All versions of express-brute are vulnerable to Rate Limiting Bypass. Concurrent requests may lead to race conditions that cause the package to incorrectly count requests. This may allow an attacker to bypass the rate limiting provided by the package and execute requests without limiting...