| Release | Version |
|---|---|
| bullseye | 4.17.1-3 |
| bookworm | 4.18.2+~4.17.14-1 |
| trixie | 4.21.0+~cs8.36.26-2 |
| sid | 4.21.0+~cs8.36.26-2 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2024-43796 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | Express.js minimalist web framework for node. In express < 4.20.0, pas ... |
| CVE-2024-29041 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Express.js minimalist web framework for node. Versions of Express.js p ... |
| CVE-2024-10491 | vulnerable | vulnerable (no DSA) | vulnerable | vulnerable | A vulnerability has been identified in the Express response.linksfunct ... |
| Bug | Description |
|---|---|
| CVE-2024-9266 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in E ... |
| CVE-2014-6393 | The Express web framework before 3.11 and 4.x before 4.5 for Node.js d ... |