CVE-2025-13466 body-parser vulnerable to denial of service when url encoding is used

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses body-parser-1.19.2.tgz which is vulnerable to CVE-2024-45590

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses body-parser-1.19.2.tgz which is vulnerable to CVE-2024-45590. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: body-parser is...

Security Bulletin: A vulnerability in body-parser-1.20.2.tgz affects IBM Db2 Big SQL on Cloud Pak for Data

Summary A vulnerability in open source package expressjs body-parser-1.20.2.tgz affects IBM Db2 Big SQL 7.x on Cloud Pak for Data 5.x Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by a flaw when url encoding is enabled. ...