Description

body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.

INFO

Published Date :

2024-09-10T15:54:02.330Z

Last Modified :

2024-09-10T18:47:22.965Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-45590 vulnerability.

Vendors Products
Expressjs
  • Body-parser
Openjsf
  • Body-parser
Redhat
  • Advanced Cluster Security
  • Discovery
  • Network Observ Optr
  • Openshift
  • Openshift Data Foundation
  • Openshift Distributed Tracing
  • Openshift Gitops
  • Rhdh
  • Rhmt
  • Service Mesh
  • Trusted Profile Analyzer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45590.

URL Resource
https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce cve-icon cve-icon cve-icon
https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-45590 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-45590 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact