CVE-2018-7560

Published March 4th, 2018

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string.

myshenin/aws-lambda-multipart-parser

Parser of multipart/form-data requests for AWS Lambda

GitHub