StackPatch is live — CVE patch ops for indie SaaS, $99 lifetime founder seat (50 only).See product

Back to CVE digest

Package · node-path-to-regexp

`node-path-to-regexp` CVE matrix across Linux distros

9 CVEs tracked across 8 distro releases. Showing the 9 most-recent fix records.

Ecosystems with tracked fixes

Debian bookwormDebian bullseyeDebian trixieUbuntu bionicUbuntu focalUbuntu jammyUbuntu nobleUbuntu xenial

Recent fix records

Each row links to the full per-CVE cross-distro view. Sorted most-recent first.

Ubuntu bionic

Source: Ubuntu USN

CVE-2024-45296→ fixed in1.0.1-1ubuntu0.18.04.1~esm1USN-8290-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Ubuntu focal

Source: Ubuntu USN

CVE-2024-45296→ fixed in6.1.0-2ubuntu0.1~esm1USN-8290-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Ubuntu jammy

Source: Ubuntu USN

CVE-2024-45296→ fixed in6.2.0-2ubuntu0.1~esm1USN-8290-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Ubuntu noble

Source: Ubuntu USN

CVE-2024-45296→ fixed in6.2.1-1ubuntu0.1~esm1USN-8290-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Ubuntu xenial

Source: Ubuntu USN

CVE-2024-45296→ fixed in1.0.1-1ubuntu0.16.04.1~esm1USN-8290-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Debian trixie

Source: Debian

CVE-2024-45296→ fixed in6.3.0-1
CVE-2026-4867→ fixed in1.0.1-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Debian bullseye

Source: Debian

CVE-2026-4867→ fixed in1.0.1-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Debian bookworm

Source: Debian

CVE-2026-4867→ fixed in1.0.1-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y node-path-to-regexp

Is YOUR node-path-to-regexp patched?

5-second check on your actual server. The quickscan reads your installed node-path-to-regexp version and matches against the same 9-CVE catalog above.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Continuous monitoring ($99 lifetime)