{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T03:18:42.253","vulnerabilities":[{"cve":{"id":"CVE-2024-45590","sourceIdentifier":"security-advisories@github.com","published":"2024-09-10T16:15:21.083","lastModified":"2024-09-20T16:26:44.977","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3."},{"lang":"es","value":"body-parser es un middleware de análisis de cuerpo de Node.js. body-parser en versiones anteriores a la 1.20.3 es vulnerable a la denegación de servicio cuando la codificación de URL está habilitada. Un actor malintencionado que utilice un payload especialmente manipulado podría inundar el servidor con una gran cantidad de solicitudes, lo que provocaría una denegación de servicio. Este problema se solucionó en la versión 1.20.3."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-405"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openjsf:body-parser:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.20.3","matchCriteriaId":"42A6B188-985D-4F15-B31B-46D67F4E3F07"}]}]}],"references":[{"url":"https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}