Blake Embrey

7 exploits Active since Mar 2024
CVE-2024-45296 WRITEUP HIGH WRITEUP
path-to-regexp < 1.9.0 and >= 0.2.0 - Denial of Service via Inefficient Regular Expression
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.
CVSS 7.5
CVE-2024-29041 WRITEUP MEDIUM WRITEUP
Express.js < 4.19.2 - Open Redirect via Malformed URL Bypass
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.
CVSS 6.1
CVE-2024-45296 WRITEUP HIGH WRITEUP
path-to-regexp < 1.9.0 and >= 0.2.0 - Denial of Service via Inefficient Regular Expression
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.
CVSS 7.5
CVE-2024-45390 WRITEUP HIGH WRITEUP
@blakeembrey/template <1.2.0 - Code Injection
@blakeembrey/template is a string template library. Prior to version 1.2.0, it is possible to inject and run code within the template if the attacker has access to write the template name. Version 1.2.0 contains a patch. As a workaround, don't pass untrusted input as the template display name, or don't use the display name feature.
CVSS 7.3
CVE-2024-45813 WRITEUP MEDIUM WRITEUP
find-my-way 5.5.0-8.2.1 and 9.0.0 - Denial of Service via Inefficient Regular Expression
find-my-way is a fast, open source HTTP router, internally using a Radix Tree (aka compact Prefix Tree), supports route params, wildcards, and it's framework independent. A bad regular expression is generated any time one has two parameters within a single segment, when adding a `-` at the end, like `/:a-:b-`. This may cause a denial of service in some instances. Users are advised to update to find-my-way v8.2.2 or v9.0.1. or subsequent versions. There are no known workarounds for this issue.
CVSS 5.3
CVE-2024-47178 WRITEUP MEDIUM WRITEUP
basic-auth-connect <1.1.0 - Info Disclosure
basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0.
CVSS 5.3
CVE-2024-52798 WRITEUP HIGH WRITEUP
path-to-regexp <0.1.12 - Info Disclosure
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296.