CVE-2022-24434

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.

mscdex/busboy
mscdex/busboy
A streaming parser for HTML form data for node.js
GitHubGitHub
3K
mscdex/dicer
mscdex/dicer
A very fast streaming multipart parser for node.js
GitHubGitHub
186