4 matches found
Node.js Express Fileupload Remote Code Execution (CVE-2020-7699)
A remote code execution vulnerability exists in Node.js express-fileupload package. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-7699
This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution...
CVE-2020-7699 Prototype Pollution
This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution...
CVE-2020-7699
CVE-2020-7699 affects the Node.js Express Fileupload package: versions prior to 1.1.8 are vulnerable when the parseNested option is enabled. The root cause is a prototype pollution issue that can enable denial of service or arbitrary code execution via specially crafted HTTP requests. A fix is av...