{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T18:30:22.854","vulnerabilities":[{"cve":{"id":"CVE-2024-45813","sourceIdentifier":"security-advisories@github.com","published":"2024-09-18T17:15:19.163","lastModified":"2026-06-17T07:54:51.987","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"find-my-way is a fast, open source HTTP router, internally using a Radix Tree (aka compact Prefix Tree), supports route params, wildcards, and it's framework independent. A bad regular expression is generated any time one has two parameters within a single segment, when adding a `-` at the end, like `/:a-:b-`. This may cause a denial of service in some instances. Users are advised to update to find-my-way v8.2.2 or v9.0.1. or subsequent versions. There are no known workarounds for this issue."},{"lang":"es","value":"find-my-way es un enrutador HTTP rápido y de código abierto que utiliza internamente un árbol de base (también conocido como árbol de prefijos compacto), admite parámetros de ruta, comodines y es independiente del framework de trabajo. Se genera una expresión regular incorrecta cada vez que se tienen dos parámetros dentro de un solo segmento, al agregar un `-` al final, como `/:a-:b-`. Esto puede causar una denegación de servicio en algunos casos. Se recomienda a los usuarios que actualicen find-my-way a v8.2.2 o v9.0.1 o versiones posteriores. No se conocen workarounds para este problema."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"delvedor","product":"find-my-way","versions":[{"version":"< 8.2.2","status":"affected"},{"version":"= 9.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-18T18:07:01.965848Z","id":"CVE-2024-45813","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"references":[{"url":"https://blakeembrey.com/posts/2024-09-web-redos","source":"security-advisories@github.com"},{"url":"https://github.com/delvedor/find-my-way/commit/5e9e0eb5d8d438e06a185d5e536a896572dd0440","source":"security-advisories@github.com"},{"url":"https://github.com/delvedor/find-my-way/security/advisories/GHSA-rrr8-f88r-h8q6","source":"security-advisories@github.com"}]}}]}