ajinabraham.njsscan.dos.express_bodyparser_dos.express_bodyparser

Author: ajinabraham

A POST request handled by the Express body parser 'bodyParser()' can create temporary files and consume space.

Definition

rules:
  - id: express_bodyparser
    patterns:
      - pattern-inside: |
          $APP = express()
          ...
      - pattern-inside: |
          $APP.use(...)
      - pattern: $X.bodyParser(...)
    message: POST Request to Express Body Parser 'bodyParser()' can create Temporary
      files and consume space.
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a9
      cwe: cwe-400
      license: LGPL-3.0-or-later
      vulnerability_class:
        - Other