{"id":"CVE-2021-4247","details":"A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216184.","modified":"2026-03-14T11:15:17.179161Z","published":"2022-12-18T08:15:09.267Z","references":[{"type":"REPORT","url":"https://vuldb.com/?id.216184"},{"type":"FIX","url":"https://github.com/OWASP/NodeGoat/commit/4a4d1db74c63fb4ff8d366551c3af006c25ead12"},{"type":"FIX","url":"https://github.com/OWASP/NodeGoat/issues/225"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/owasp/nodegoat","events":[{"introduced":"0"},{"fixed":"4a4d1db74c63fb4ff8d366551c3af006c25ead12"}]},{"type":"GIT","repo":"https://github.com/owasp/nodegoat","events":[{"introduced":"0"},{"fixed":"4a4d1db74c63fb4ff8d366551c3af006c25ead12"}]}],"versions":["v1.0.0","v1.0.1","v1.1","v1.2","v1.3","v1.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4247.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2021-01-26"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}