body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HOpenjsf Body Parser
APPOpenjsf< 1.20.3
Powiązane podatności
WebdriverIO: command injection w orkiestracji testów prowadzący do RCE
fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode (IDN) hostnames for HTTP-family U...
nvm (Node Version Manager) through 0.40.4 executes arbitrary commands from version strings supplied by the con...
fast-uri normalize() decoded percent-encoded authority delimiters inside the host component and then re-emitte...
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its n...