Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:8 p.m.5 views

CVE-2026-42342

A flaw was found in React Router and @remix-run/server-runtime. A remote attacker can exploit this vulnerability by sending certain crafted requests to the manifest endpoint. This can lead to unbounded path expansion, consuming disproportionate server resources. The primary consequence is a denia...

7.5CVSS5.7AI score0.00299EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 9:5 p.m.13 views

EUVD-2026-34000

React Router vulnerable to DoS via unbounded path expansion in manifest endpoint...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References2
OSV
OSV
added 2026/06/03 9:5 p.m.7 views

GHSA-8X6R-G9MW-2R78 React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

There exists a potential DOS attack vector in React Router Framework Mode applications as well as Remix v2.10.0 - 2.17.4. Certain requests can be crafted to consume disproportionate resources on the server, resulting in response time degredation and/or service unavailability for end users. !NOTE...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 6:23 p.m.50 views

CVE-2026-42342 React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted requests can consume disproportionate server resources via unbounded path expansion in the manifest endpoint, resulting in response...

7.5CVSS0.00299EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 6:23 p.m.11 views

CVE-2026-42342 React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted requests can consume disproportionate server resources via unbounded path expansion in the manifest endpoint, resulting in response...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 6:23 p.m.123 views

CVE-2026-42342

CVE-2026-42342 affects React Router and Remix Server Runtime: versions 7.0.0–7.14.x of react-router and 2.10.0–2.17.4 of @remix-run/server-runtime are vulnerable to DoS via unbounded path expansion on the __manifest endpoint, causing high resource usage and potential unavailability for Framework ...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder