CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
17.7%
body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | node-body-parser | <= 1.20.1+~1.19.2-1 | node-body-parser_1.20.1+~1.19.2-1_all.deb |
Debian | 11 | all | node-body-parser | <= 1.19.0-2 | node-body-parser_1.19.0-2_all.deb |
Debian | 999 | all | node-body-parser | < 1.20.3+~1.19.5-1 | node-body-parser_1.20.3+~1.19.5-1_all.deb |
Debian | 13 | all | node-body-parser | < 1.20.3+~1.19.5-1 | node-body-parser_1.20.3+~1.19.5-1_all.deb |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
17.7%