You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Snyk Description: ## Overview express-fileupload is a file upload middleware for express that wraps around busboy.
Affected versions of this package are vulnerable to Arbitrary File Upload that allows attackers to execute arbitrary code when uploading a crafted PHP file.
Package Name: express-fileupload
Package Version: ['0.0.5']
Package Manager: npm
Target File: package.json
Severity Level: medium
Snyk ID: SNYK-JS-EXPRESSFILEUPLOAD-2635697
Snyk CVE: CVE-2022-27140
Snyk CWE: CWE-434
Link to issue in Snyk: https://app.snyk.io/org/cse_rhicksiii91/project/14f822de-b806-4bd7-9ad2-767a7feebe1d
Snyk Description: ## Overview
express-fileupload is a file upload middleware for express that wraps around busboy.
Affected versions of this package are vulnerable to Arbitrary File Upload that allows attackers to execute arbitrary code when uploading a crafted PHP file.
Remediation
There is no fixed version for
express-fileupload.References
The text was updated successfully, but these errors were encountered: