You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
path to regexp
About this tag
The path-to-regexp tag covers discussions about the Node.js library that converts route strings into regular expressions. A key topic is CVE-2024-45296, a vulnerability where certain route patterns cause catastrophic backtracking, leading to Denial-of-Service (DoS) attacks. This bug can freeze Node.js servers and is a low-complexity exploit vector for applications using this package. The tag includes troubleshooting, security updates, and mitigation strategies for this and similar issues in path-to-regexp.
The path-to-regexp library can, under very common route patterns, generate regular expressions that trigger catastrophic backtracking — a bug tracked as CVE-2024-45296 that can freeze Node.js servers and create an easy, low‑complexity Denial‑of‑Service (DoS) vector against applications that rely...