Lookup for vulnerable packages by Package URL.

Purl pkg:npm/express@3.16.6
Type npm
Namespace
Name express
Version 3.16.6
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 4.20.0
Latest_non_vulnerable_version 5.2.0
Affected_by_vulnerabilities
0
url VCID-axqm-hk9c-53gn
vulnerability_id VCID-axqm-hk9c-53gn
summary
Express.js Open Redirect in malformed URLs
### Impact

Versions of Express.js prior to 4.19.2 and pre-release alpha and beta versions before 5.0.0-beta.3 are affected by an open redirect vulnerability using malformed URLs.

When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list.

The main method impacted is `res.location()` but this is also called from within `res.redirect()`.

### Patches

https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd
https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94

An initial fix went out with `express@4.19.0`; we then patched a feature regression in `4.19.1` and added improved handling for the bypass in `4.19.2`.

### Workarounds

The fix for this involves pre-parsing the URL string with either `require('node:url').parse` or `new URL`. These are steps you can take on your own before passing the user input string to `res.location` or `res.redirect`.

### Resources

https://github.com/expressjs/express/pull/5539
https://github.com/koajs/koa/issues/1800
https://expressjs.com/en/4x/api.html#res.location
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29041.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29041
reference_id
reference_type
scores
0
value 0.00114
scoring_system epss
scoring_elements 0.30018
published_at 2026-04-09T12:55:00Z
1
value 0.00114
scoring_system epss
scoring_elements 0.2998
published_at 2026-04-12T12:55:00Z
2
value 0.00114
scoring_system epss
scoring_elements 0.30025
published_at 2026-04-11T12:55:00Z
3
value 0.00114
scoring_system epss
scoring_elements 0.29984
published_at 2026-04-08T12:55:00Z
4
value 0.00114
scoring_system epss
scoring_elements 0.29922
published_at 2026-04-07T12:55:00Z
5
value 0.00114
scoring_system epss
scoring_elements 0.30109
published_at 2026-04-04T12:55:00Z
6
value 0.00114
scoring_system epss
scoring_elements 0.30062
published_at 2026-04-02T12:55:00Z
7
value 0.00154
scoring_system epss
scoring_elements 0.35901
published_at 2026-04-24T12:55:00Z
8
value 0.00154
scoring_system epss
scoring_elements 0.36184
published_at 2026-04-18T12:55:00Z
9
value 0.00154
scoring_system epss
scoring_elements 0.36199
published_at 2026-04-16T12:55:00Z
10
value 0.00154
scoring_system epss
scoring_elements 0.36157
published_at 2026-04-13T12:55:00Z
11
value 0.00154
scoring_system epss
scoring_elements 0.36131
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29041
3
reference_url https://expressjs.com/en/4x/api.html#res.location
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://expressjs.com/en/4x/api.html#res.location
4
reference_url https://github.com/expressjs/express
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express
5
reference_url https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd
6
reference_url https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94
7
reference_url https://github.com/expressjs/express/pull/5539
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://github.com/expressjs/express/pull/5539
8
reference_url https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc
9
reference_url https://github.com/koajs/koa/issues/1800
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-26T13:59:28Z/
url https://github.com/koajs/koa/issues/1800
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29041
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29041
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068346
reference_id 1068346
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068346
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2290901
reference_id 2290901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2290901
13
reference_url https://github.com/advisories/GHSA-rv95-896h-c2vc
reference_id GHSA-rv95-896h-c2vc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv95-896h-c2vc
14
reference_url https://access.redhat.com/errata/RHSA-2024:3868
reference_id RHSA-2024:3868
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3868
15
reference_url https://access.redhat.com/errata/RHSA-2024:6211
reference_id RHSA-2024:6211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6211
16
reference_url https://access.redhat.com/errata/RHSA-2024:7624
reference_id RHSA-2024:7624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7624
17
reference_url https://usn.ubuntu.com/7581-1/
reference_id USN-7581-1
reference_type
scores
url https://usn.ubuntu.com/7581-1/
fixed_packages
0
url pkg:npm/express@4.19.2
purl pkg:npm/express@4.19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fevu-q6th-9beb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@4.19.2
1
url pkg:npm/express@5.0.0-beta.3
purl pkg:npm/express@5.0.0-beta.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fevu-q6th-9beb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@5.0.0-beta.3
aliases CVE-2024-29041, GHSA-rv95-896h-c2vc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axqm-hk9c-53gn
1
url VCID-bcuh-2e2c-53gy
vulnerability_id VCID-bcuh-2e2c-53gy
summary
qs vulnerable to Prototype Pollution
qs before 6.10.3 allows attackers to cause a Node process hang because an `__proto__` key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as `a[__proto__]=b&a[__proto__]&a[length]=100000000`. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24999.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24999.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24999
reference_id
reference_type
scores
0
value 0.01142
scoring_system epss
scoring_elements 0.78485
published_at 2026-04-24T12:55:00Z
1
value 0.01142
scoring_system epss
scoring_elements 0.78452
published_at 2026-04-21T12:55:00Z
2
value 0.01142
scoring_system epss
scoring_elements 0.78383
published_at 2026-04-02T12:55:00Z
3
value 0.01142
scoring_system epss
scoring_elements 0.78424
published_at 2026-04-08T12:55:00Z
4
value 0.01142
scoring_system epss
scoring_elements 0.78397
published_at 2026-04-07T12:55:00Z
5
value 0.01142
scoring_system epss
scoring_elements 0.78414
published_at 2026-04-04T12:55:00Z
6
value 0.01543
scoring_system epss
scoring_elements 0.8138
published_at 2026-04-13T12:55:00Z
7
value 0.01543
scoring_system epss
scoring_elements 0.81388
published_at 2026-04-12T12:55:00Z
8
value 0.01543
scoring_system epss
scoring_elements 0.814
published_at 2026-04-11T12:55:00Z
9
value 0.01543
scoring_system epss
scoring_elements 0.81379
published_at 2026-04-09T12:55:00Z
10
value 0.01543
scoring_system epss
scoring_elements 0.81417
published_at 2026-04-16T12:55:00Z
11
value 0.01543
scoring_system epss
scoring_elements 0.81418
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24999
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
3
reference_url https://github.com/expressjs/express/releases/tag/4.17.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/expressjs/express/releases/tag/4.17.3
4
reference_url https://github.com/ljharb/qs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs
5
reference_url https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec
6
reference_url https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68
7
reference_url https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b
8
reference_url https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d
9
reference_url https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1
10
reference_url https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105
11
reference_url https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f
12
reference_url https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee
13
reference_url https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda
14
reference_url https://github.com/ljharb/qs/pull/428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/ljharb/qs/pull/428
15
reference_url https://github.com/n8tz/CVE-2022-24999
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/n8tz/CVE-2022-24999
16
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24999
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24999
18
reference_url https://security.netapp.com/advisory/ntap-20230908-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230908-0005
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2150323
reference_id 2150323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2150323
20
reference_url https://github.com/advisories/GHSA-hrpp-h998-j3pp
reference_id GHSA-hrpp-h998-j3pp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hrpp-h998-j3pp
21
reference_url https://security.netapp.com/advisory/ntap-20230908-0005/
reference_id ntap-20230908-0005
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://security.netapp.com/advisory/ntap-20230908-0005/
22
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
23
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
24
reference_url https://access.redhat.com/errata/RHSA-2023:0930
reference_id RHSA-2023:0930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0930
25
reference_url https://access.redhat.com/errata/RHSA-2023:0932
reference_id RHSA-2023:0932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0932
26
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
27
reference_url https://access.redhat.com/errata/RHSA-2023:1428
reference_id RHSA-2023:1428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1428
28
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
29
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
30
reference_url https://access.redhat.com/errata/RHSA-2023:3265
reference_id RHSA-2023:3265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3265
31
reference_url https://access.redhat.com/errata/RHSA-2023:3645
reference_id RHSA-2023:3645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3645
32
reference_url https://usn.ubuntu.com/7693-1/
reference_id USN-7693-1
reference_type
scores
url https://usn.ubuntu.com/7693-1/
fixed_packages
0
url pkg:npm/express@4.17.3
purl pkg:npm/express@4.17.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-axqm-hk9c-53gn
1
vulnerability VCID-fevu-q6th-9beb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@4.17.3
aliases CVE-2022-24999, GHSA-hrpp-h998-j3pp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcuh-2e2c-53gy
2
url VCID-fevu-q6th-9beb
vulnerability_id VCID-fevu-q6th-9beb
summary
express vulnerable to XSS via response.redirect()
### Impact

In express <4.20.0, passing untrusted user input, even after sanitizing it, to `response.redirect()` may execute untrusted code.

### Patches

This issue is patched in express 4.20.0.

### Workarounds

Users are encouraged to upgrade to the patched version of express, but otherwise can work around this issue by making sure any untrusted inputs are safe, ideally by validating them against an explicit allowlist.

### Details

Successful exploitation of this vector requires the following:

1. The attacker MUST control the input to `response.redirect()`.
1. Express MUST NOT redirect before the template appears.
1. The browser MUST NOT complete redirection before:
1. The user MUST click on the link in the template.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43796.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43796.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43796
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.31076
published_at 2026-04-04T12:55:00Z
1
value 0.0012
scoring_system epss
scoring_elements 0.30986
published_at 2026-04-11T12:55:00Z
2
value 0.0012
scoring_system epss
scoring_elements 0.30981
published_at 2026-04-09T12:55:00Z
3
value 0.0012
scoring_system epss
scoring_elements 0.30952
published_at 2026-04-08T12:55:00Z
4
value 0.0012
scoring_system epss
scoring_elements 0.30894
published_at 2026-04-07T12:55:00Z
5
value 0.0012
scoring_system epss
scoring_elements 0.31029
published_at 2026-04-02T12:55:00Z
6
value 0.0012
scoring_system epss
scoring_elements 0.30909
published_at 2026-04-18T12:55:00Z
7
value 0.0012
scoring_system epss
scoring_elements 0.3093
published_at 2026-04-16T12:55:00Z
8
value 0.0012
scoring_system epss
scoring_elements 0.30898
published_at 2026-04-13T12:55:00Z
9
value 0.0012
scoring_system epss
scoring_elements 0.30943
published_at 2026-04-12T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31411
published_at 2026-04-21T12:55:00Z
11
value 0.00123
scoring_system epss
scoring_elements 0.31241
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43796
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43796
3
reference_url https://github.com/expressjs/express
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express
4
reference_url https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:58:36Z/
url https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553
5
reference_url https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value LOW
scoring_system cvssv3.1_qr
scoring_elements
3
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
4
value LOW
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:58:36Z/
url https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-43796
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-43796
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081481
reference_id 1081481
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081481
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2311152
reference_id 2311152
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2311152
9
reference_url https://github.com/advisories/GHSA-qw6h-vgh9-j6wx
reference_id GHSA-qw6h-vgh9-j6wx
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw6h-vgh9-j6wx
10
reference_url https://access.redhat.com/errata/RHSA-2024:10906
reference_id RHSA-2024:10906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10906
11
reference_url https://access.redhat.com/errata/RHSA-2024:10917
reference_id RHSA-2024:10917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10917
12
reference_url https://access.redhat.com/errata/RHSA-2024:10962
reference_id RHSA-2024:10962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10962
13
reference_url https://access.redhat.com/errata/RHSA-2024:7726
reference_id RHSA-2024:7726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7726
14
reference_url https://access.redhat.com/errata/RHSA-2024:8014
reference_id RHSA-2024:8014
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8014
15
reference_url https://access.redhat.com/errata/RHSA-2024:8023
reference_id RHSA-2024:8023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8023
16
reference_url https://access.redhat.com/errata/RHSA-2024:8113
reference_id RHSA-2024:8113
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8113
17
reference_url https://access.redhat.com/errata/RHSA-2024:8581
reference_id RHSA-2024:8581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8581
18
reference_url https://access.redhat.com/errata/RHSA-2024:8676
reference_id RHSA-2024:8676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8676
19
reference_url https://access.redhat.com/errata/RHSA-2024:8677
reference_id RHSA-2024:8677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8677
20
reference_url https://access.redhat.com/errata/RHSA-2025:0079
reference_id RHSA-2025:0079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0079
21
reference_url https://access.redhat.com/errata/RHSA-2025:0082
reference_id RHSA-2025:0082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0082
22
reference_url https://access.redhat.com/errata/RHSA-2025:0164
reference_id RHSA-2025:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0164
23
reference_url https://access.redhat.com/errata/RHSA-2025:0323
reference_id RHSA-2025:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0323
24
reference_url https://access.redhat.com/errata/RHSA-2025:0875
reference_id RHSA-2025:0875
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0875
25
reference_url https://usn.ubuntu.com/7581-1/
reference_id USN-7581-1
reference_type
scores
url https://usn.ubuntu.com/7581-1/
fixed_packages
0
url pkg:npm/express@4.20.0
purl pkg:npm/express@4.20.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@4.20.0
1
url pkg:npm/express@5.0.0
purl pkg:npm/express@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9usd-2u38-nfea
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@5.0.0
aliases CVE-2024-43796, GHSA-qw6h-vgh9-j6wx
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fevu-q6th-9beb
3
url VCID-hyrv-e649-23fr
vulnerability_id VCID-hyrv-e649-23fr
summary
Express resource injection
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.

The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources.

This vulnerability is especially relevant for dynamic parameters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10491.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10491.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10491
reference_id
reference_type
scores
0
value 0.0033
scoring_system epss
scoring_elements 0.55942
published_at 2026-04-24T12:55:00Z
1
value 0.0033
scoring_system epss
scoring_elements 0.55977
published_at 2026-04-02T12:55:00Z
2
value 0.0033
scoring_system epss
scoring_elements 0.55998
published_at 2026-04-04T12:55:00Z
3
value 0.0033
scoring_system epss
scoring_elements 0.55976
published_at 2026-04-07T12:55:00Z
4
value 0.0033
scoring_system epss
scoring_elements 0.56028
published_at 2026-04-08T12:55:00Z
5
value 0.0033
scoring_system epss
scoring_elements 0.56031
published_at 2026-04-09T12:55:00Z
6
value 0.0033
scoring_system epss
scoring_elements 0.56041
published_at 2026-04-11T12:55:00Z
7
value 0.0033
scoring_system epss
scoring_elements 0.56021
published_at 2026-04-12T12:55:00Z
8
value 0.0033
scoring_system epss
scoring_elements 0.56003
published_at 2026-04-13T12:55:00Z
9
value 0.0033
scoring_system epss
scoring_elements 0.56039
published_at 2026-04-16T12:55:00Z
10
value 0.0033
scoring_system epss
scoring_elements 0.56043
published_at 2026-04-18T12:55:00Z
11
value 0.0033
scoring_system epss
scoring_elements 0.56016
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10491
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10491
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/expressjs/express
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express
5
reference_url https://github.com/expressjs/express/issues/6222
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express/issues/6222
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-10491
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-10491
7
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-10491
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T19:42:55Z/
url https://www.herodevs.com/vulnerability-directory/cve-2024-10491
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088807
reference_id 1088807
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088807
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2322502
reference_id 2322502
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2322502
10
reference_url https://github.com/advisories/GHSA-cm5g-3pgc-8rg4
reference_id GHSA-cm5g-3pgc-8rg4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cm5g-3pgc-8rg4
fixed_packages
0
url pkg:npm/express@4.0.0-rc1
purl pkg:npm/express@4.0.0-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8jr1-tn77-dfds
1
vulnerability VCID-axqm-hk9c-53gn
2
vulnerability VCID-bcuh-2e2c-53gy
3
vulnerability VCID-fevu-q6th-9beb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@4.0.0-rc1
aliases CVE-2024-10491, GHSA-cm5g-3pgc-8rg4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyrv-e649-23fr
4
url VCID-xnw8-djyq-1uhk
vulnerability_id VCID-xnw8-djyq-1uhk
summary
Express Open Redirect vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0-rc1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9266.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9266.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9266
reference_id
reference_type
scores
0
value 0.00125
scoring_system epss
scoring_elements 0.31483
published_at 2026-04-24T12:55:00Z
1
value 0.00125
scoring_system epss
scoring_elements 0.31659
published_at 2026-04-21T12:55:00Z
2
value 0.00125
scoring_system epss
scoring_elements 0.31692
published_at 2026-04-18T12:55:00Z
3
value 0.00125
scoring_system epss
scoring_elements 0.31714
published_at 2026-04-16T12:55:00Z
4
value 0.00125
scoring_system epss
scoring_elements 0.31681
published_at 2026-04-13T12:55:00Z
5
value 0.00125
scoring_system epss
scoring_elements 0.31809
published_at 2026-04-02T12:55:00Z
6
value 0.00125
scoring_system epss
scoring_elements 0.31757
published_at 2026-04-11T12:55:00Z
7
value 0.00125
scoring_system epss
scoring_elements 0.31754
published_at 2026-04-09T12:55:00Z
8
value 0.00125
scoring_system epss
scoring_elements 0.31724
published_at 2026-04-08T12:55:00Z
9
value 0.00125
scoring_system epss
scoring_elements 0.31673
published_at 2026-04-07T12:55:00Z
10
value 0.00125
scoring_system epss
scoring_elements 0.31853
published_at 2026-04-04T12:55:00Z
11
value 0.00125
scoring_system epss
scoring_elements 0.31717
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9266
2
reference_url https://github.com/expressjs/express
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express
3
reference_url https://github.com/expressjs/express/compare/3.4.4...3.4.5
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/expressjs/express/compare/3.4.4...3.4.5
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-9266
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-9266
5
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-9266
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2024-9266
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2316353
reference_id 2316353
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2316353
7
reference_url https://github.com/advisories/GHSA-jj78-5fmv-mv28
reference_id GHSA-jj78-5fmv-mv28
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jj78-5fmv-mv28
fixed_packages
0
url pkg:npm/express@4.0.0-rc1
purl pkg:npm/express@4.0.0-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8jr1-tn77-dfds
1
vulnerability VCID-axqm-hk9c-53gn
2
vulnerability VCID-bcuh-2e2c-53gy
3
vulnerability VCID-fevu-q6th-9beb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@4.0.0-rc1
aliases CVE-2024-9266, GHSA-jj78-5fmv-mv28
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnw8-djyq-1uhk
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/express@3.16.6