8 matches found
CVE-2024-51999
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2024-51999
Express.js minimalist web framework for node. Prior to 5.2.0 and 4.22.0, when using the extended query parser in express 'query parser': 'extended', the request.query object inherits all object prototype properties, but these properties can be overwritten by query string parameter keys that match...
CVE-2024-51999
CVE-2024-51999 is rejected and not a valid vulnerability entry.
CVE-2024-51999
...
EUVD-2025-200074
express improperly controls modification of query properties...
Withdrawn Advisory: express improperly controls modification of query properties
Withdrawn Advisory This advisory has been withdrawn because it describes a correctness bug, not a vulnerability with real security impact. This link is maintained to preserve external references. Original Description Impact when using the extended query parser in express 'query parser': 'extended...
GHSA-PJ86-CFQH-VQX6 Withdrawn Advisory: express improperly controls modification of query properties
Withdrawn Advisory This advisory has been withdrawn because it describes a correctness bug, not a vulnerability with real security impact. This link is maintained to preserve external references. Original Description Impact when using the extended query parser in express 'query parser': 'extended...
PT-2025-48543
Name of the Vulnerable Software and Affected Versions Express.js versions prior to 5.2.0 Express.js versions prior to 4.22.0 Description Express.js, a minimalist web framework for Node.js, is affected by an issue where the request.query object inherits all object prototype properties when using t...