CVE-2024-10491

Source
https://cve.org/CVERecord?id=CVE-2024-10491
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10491.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-10491
Aliases
Downstream
Published
2024-10-29T16:23:21.219Z
Modified
2026-07-08T07:34:22.547611599Z
Severity
  • 4.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS Calculator
Summary
Preload arbitrary resources by injecting additional `Link` headers
Details

A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.

The issue arises from improper sanitization in Link header values, which can allow a combination of characters like ,, ;, and <> to preload malicious resources.

This vulnerability is especially relevant for dynamic parameters.

Database specific
{
    "cna_assigner": "HeroDevs",
    "cwe_ids": [
        "CWE-74"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/10xxx/CVE-2024-10491.json"
}
References

Affected packages

Git / github.com/expressjs/express

Affected ranges

Type
GIT
Repo
https://github.com/expressjs/express
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "3.0.0-alpha1"
        },
        {
            "last_affected": "3.21.2"
        }
    ]
}

Affected versions

3.*
3.0.0alpha1
3.0.0alpha2
3.0.0alpha3
3.0.0alpha4
3.0.0alpha5
3.0.0beta1
3.0.0beta2
3.0.0beta3
3.0.0beta4
3.0.0beta5
3.0.0beta6
3.0.0beta7
3.0.0rc1
3.0.0rc2
3.0.0rc3
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.1.0
3.1.1
3.1.2
3.10.0
3.10.1
3.10.2
3.10.3
3.10.4
3.10.5
3.11.0
3.12.0
3.12.1
3.13.0
3.14.0
3.15.0
3.15.1
3.15.2
3.15.3
3.16.0
3.16.1
3.16.10
3.16.2
3.16.3
3.16.4
3.16.5
3.16.6
3.16.7
3.16.8
3.16.9
3.17.0
3.17.1
3.17.2
3.17.3
3.17.4
3.17.5
3.17.6
3.17.7
3.17.8
3.18.0
3.18.1
3.18.2
3.18.3
3.18.4
3.18.5
3.18.6
3.19.0
3.19.1
3.19.2
3.2.0
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.20.0
3.20.1
3.20.2
3.20.3
3.21.0
3.21.1
3.21.2
3.3.0
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.8
3.4.0
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
3.5.0
3.5.1
3.5.2
3.6.0
3.7.0
3.8.0
3.8.1
3.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10491.json"