Security Vulnerabilities CVE-2022-24434

mscdex / dicer

A very fast streaming multipart parser for node.js

MIT License

186 stars 37 forks source link

Security Vulnerabilities CVE-2022-24434 #36

Closed mel-nick closed 5 months ago

mel-nick commented 5 months ago

This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the node.js service. An attacker could sent the payload again and again so that the service continuously crashes.

Detected by: Black Duck (SCA)

Scan date: Jun 5, 2024, 12:14 PM

mscdex commented 5 months ago

Duplicate of https://github.com/mscdex/dicer/pull/22.