Pillarjs Path-to-regexp

5 CVEs affecting Pillarjs Path-to-regexp. Latest disclosed: 2026-03-26. Critical: 0, High: 3.

Top CVEs affecting Pillarjs Path-to-regexp
CVESeverityScorePublishedSummary
CVE-2026-4926High7.52026-03-26Impact: A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated…
CVE-2026-4867High7.52026-03-26Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period…
CVE-2024-45296High7.52024-09-09path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause…
CVE-2026-4923Medium5.92026-03-26Impact: When using multiple wildcards, combined with at least one parameter, a regular expression can be generated that is vulnerable to ReDoS. This backtrack…
CVE-2024-527982024-12-05path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause…