recap-relay

grant/recap-relay

Fork 0

Commit Graph

Author	SHA1	Message	Date
Keysat	3a601e166a	Bump multer 1.4.5-lts.1 -> ^2.0.1 (DoS CVEs) multer 1.x is affected by CVE-2025-47944/47935/48997/7338 (malformed multipart crashes the process / leaks memory). 2.x raises catchable errors instead. Usage (diskStorage + .single("file")) is unchanged. Commit the server lockfile so the Dockerfile's npm-ci path pins the fix.	2026-06-13 16:23:26 -05:00

Author

SHA1

Message

Date

Keysat

3a601e166a

Bump multer 1.4.5-lts.1 -> ^2.0.1 (DoS CVEs)

multer 1.x is affected by CVE-2025-47944/47935/48997/7338 (malformed
multipart crashes the process / leaks memory). 2.x raises catchable
errors instead. Usage (diskStorage + .single("file")) is unchanged.
Commit the server lockfile so the Dockerfile's npm-ci path pins the fix.

2026-06-13 16:23:26 -05:00

1 Commits