VYPR

npm package

body-parser

pkg:npm/body-parser

Vulnerabilities (2)

  • CVE-2025-13466MedNov 24, 2025
    affected >= 2.2.0, < 2.2.1fixed 2.2.1

    body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and mem

  • CVE-2024-45590Sep 10, 2024
    affected < 1.20.3fixed 1.20.3

    body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This is