CVE-2024-45590
ADVISORY - githubSummary
Impact
body-parser <1.20.3 is vulnerable to denial of service when URL encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service.
Patches
This issue is patched in 1.20.3.
References
EPSS Score: 0.00046 (0.185)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Asymmetric Resource Consumption (Amplification)
ADVISORY - github
Asymmetric Resource Consumption (Amplification)
ADVISORY - gitlab
ADVISORY - redhat
Asymmetric Resource Consumption (Amplification)
NIST
CREATED
UPDATED
ADVISORY ID
CVE-2024-45590
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
GitHub
CREATED
UPDATED
ADVISORY ID
GHSA-qwcr-r2fm-qrc7
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
Debian
CREATED
UPDATED
ADVISORY ID
CVE-2024-45590
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
Ubuntu
CREATED
UPDATED
ADVISORY ID
CVE-2024-45590
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
Red Hat
CREATED
UPDATED
ADVISORY ID
CVE-2024-45590
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-4r84-f582-f5vh
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-wr33-h89w-rmmm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-fh9q-m32j-c356
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-