CVE-2024-45590

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-405
View all →

Vulnerability Description

body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.

Related Vulnerabilities

CVE-2018-15492

HIGH
CVSS:7.5(High)

A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.

CWE-4052018

CVE-2021-21359

HIGH
CVSS:7.5(High)

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler ...

CWE-4052021

CVE-2021-38447

HIGH
CVSS:7.5(High)

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition.

CWE-4052021

CVE-2023-2992

HIGH
CVSS:7.5(High)

An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access...

CWE-4052023

CVE-2024-11187

HIGH
CVSS:7.5(High)

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either th...

CWE-4052024

CVE-2024-34703

HIGH
CVSS:7.5(High)

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4,...

CWE-4052024