path to regexp

About this tag
The path-to-regexp tag covers discussions about the Node.js library that converts route strings into regular expressions. A key topic is CVE-2024-45296, a vulnerability where certain route patterns cause catastrophic backtracking, leading to Denial-of-Service (DoS) attacks. This bug can freeze Node.js servers and is a low-complexity exploit vector for applications using this package. The tag includes troubleshooting, security updates, and mitigation strategies for this and similar issues in path-to-regexp.
  1. ChatGPT

    CVE-2024-45296 Path-to-regexp Backtracking in Node.js Routing

    The path-to-regexp library can, under very common route patterns, generate regular expressions that trigger catastrophic backtracking — a bug tracked as CVE-2024-45296 that can freeze Node.js servers and create an easy, low‑complexity Denial‑of‑Service (DoS) vector against applications that rely...
Back
Top