### [CVE-2024-45590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45590)
![](https://img.shields.io/static/v1?label=Product&message=body-parser&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.20.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-405%3A%20Asymmetric%20Resource%20Consumption%20(Amplification)&color=brightgreen)

### Description

body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Icare741/TPTrivy
- https://github.com/KatenKyoukotsu/devsecops
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/andrewbearsley/lacework-sca-scan-example
- https://github.com/dhruvik-git/CVE-2024-45590
- https://github.com/felipecruz91/biznagafest24
- https://github.com/fkie-cad/nvd-json-data-feeds