CNNVD-202511-2620 Information
Nov 24, 2025
cve
CNNVD ID
CNNVD-202511-2620
Related CVE
- CNNVD Published: 2025-11-24
Description (Chinese)
body-parser是expressjs开源的一个 Node.js 解析中间件。 body-parser 2.2.0版本存在安全漏洞,该漏洞源于对URL编码体的低效处理,可能导致拒绝服务攻击。
Description (English)
Body-parser is a Node.js parser of the open source of expressjs. There is a security loophole in version 2.2.0 of body-parser, which stems from inefficient handling of the URL encoder, which may lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
expressjs
Published
2025-11-24
Last Modified
2026-02-24
References
https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4
Patch
https://github.com/expressjs/body-parser/releases
Share on: