js · multerHeads-up
Multer DoS via Orphaned Partial Files
A vulnerability in Multer allows an attacker to cause Denial of Service (DoS) by aborting or sending malformed multipart uploads, leading to orphaned partial fi
What changed
A vulnerability in Multer allows an attacker to cause Denial of Service (DoS) by aborting or sending malformed multipart uploads, leading to orphaned partial files accumulating on disk when using diskStorage.
Who it affects
Users of Multer using diskStorage who accept multipart uploads.
What to do today
Upgrade to version 2.2.0, 3.0.0-alpha.2 or higher.
The trail
Collected→
Audited→
Written→
Published
Source
GitHub Advisory · multer