richardgirges/express-fileupload

Releases49

Frequency2 months 3 days

Last Release 11 months ago

Stars1.56K

Simple express file upload middleware that wraps around busboy

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-7699 ↗	Jul 30, 2020Thursday, 30 July 2020, 09:15	7.5 HIGH	7.5 HIGH
This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.