All vulnerabilities
CVE-2024-45813
find-my-way has a ReDoS vulnerability in multiparametric routes
Description
Impact
A bad regular expression is generated any time you have two parameters within a single segment, when adding a - at the end, like /:a-:b-.
Patches
Update to find-my-way v8.2.2 or v9.0.1. or subsequent versions.
Workarounds
No known workarounds.
References
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
7.5
Severity
High
Ecosystem
JavaScript
Publish Date
September 18, 2024
Modified Date
October 7, 2024
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions
