9 matches found
ROOT-APP-NPM-CVE-2025-7338 CVE-2025-7338 in @rootio/multer - Patched by Root
Root has patched CVE-2025-7338 in the @rootio/multer package for Root:npm. Multiple fixed versions available...
Security Bulletin: IBM OpenPages fixes multer package vulnerability (CVE-2025-7338)
Summary Vulnerability in the multer-2.0.1.tgz package with IBM OpenPages has been addressed in the latest IBM OpenPages fix pack version for 9.0 and 9.1 Vulnerability Details CVEID:CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in multer-2.0.1.tgz
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in multer-2.0.1.tgz Vulnerability Details CVEID:CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts....
Security Bulletin: Vulnerability in Multer affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Multer has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
Security Bulletin: IBM Watsonx BI is affected by a vulnerability in Multer node.js middleware for handling multipart/form-data
Summary Watsonx BI is affected by a vulnerability in Multer node.js middleware for handling multipart/form-data. This is starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. Vulnerability...
02url-querystring-http (>=1.0.1 <=1.0.4), 1-0-5-hai-aage-dekhte-hein-kya-aat-hai (>=1.0.5 <=1.0.6) +10047 more potentially affected by CVE-2025-7338 via multer (>=1.4.4-lts.1 <=2.0.1)
multer NPM version =1.4.4-lts.1, =1.0.1, =1.0.5, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.3 - 6e-alpha-backend-admin =1.0.0 - 7-segunda-preentrega =1.0.0 and more Source cves: CVE-2025-7338 Source advisory: OSV:GHSA-FJGF-RC76-4X9P...
org.webjars.npm:nestjs__platform-express (>=8.4.7 <=9.0.0-next.2) potentially affected by CVE-2025-7338 via org.webjars.npm:multer (=1.4.4-lts.1)
org.webjars.npm:multer MAVEN version =1.4.4-lts.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:multer and may be impacted: - org.webjars.npm:nestjsplatform-express =8.4.7, =9.0.0-next.2 Source cves: CVE-2025-7338 Source advisory:...
CVE-2025-7338
creationtimestamp| type| source ---|---|--- 2025-07-17 16:22:13+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3lu6doon2h22w 2025-12-09 03:37:09+00:00| published-proof-of-concept| Telegram/kmdOMxkNOmEREjunn-75FtIRjvIZPZNF95d8rgfXMKj0fP8...
CVE-2025-7338 Multer vulnerable to Denial of Service via unhandled exception from malformed request
Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. This request causes an unhandled...