find-my-way is a fast, open source HTTP router, internally using a Radix Tree (aka compact Prefix Tree), supports route params, wildcards, and it's framework independent. A bad regular expression is generated any time one has two parameters within a single segment, when adding a `-` at the end, like `/:a-:b-`. This may cause a denial of service in some instances. Users are advised to update to find-my-way v8.2.2 or v9.0.1. or subsequent versions. There are no known workarounds for this issue.
References
Configurations
No configuration.
History
20 Sep 2024, 12:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
18 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-18 17:15
Updated : 2024-09-20 12:30
NVD link : CVE-2024-45813
Mitre link : CVE-2024-45813
CVE.ORG link : CVE-2024-45813
JSON object : View
Products Affected
No product.
CWE
CWE-1333
Inefficient Regular Expression Complexity