Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in multer-1.4.4-lts.1.tgz

Summary IBM Watson Discovery Cartridge contains a vulnerable version of multer-1.4.4-lts.1.tgz Vulnerability Details CVEID:CVE-2025-48997 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to...

GHSA-G5HG-P3PH-G8QG Multer vulnerable to Denial of Service via unhandled exception

Impact A vulnerability in Multer versions =1.4.4-lts.1, 2.0.1 allows an attacker to trigger a Denial of Service DoS by sending an upload file request with an empty string field name. This request causes an unhandled exception, leading to a crash of the process. Patches Users should upgrade to 2.0...

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in makeMiddleware, when processing a file upload request. An attacker can cause the application to crash by sending a request with a field name containing an empty string. Remediation A fix was pushed into the master...

Multer 安全漏洞

Multer is an expressjs open source middleware for Node.js. A security vulnerability exists in Multer versions 1.4.4-lts.1 through prior to 2.0.1, which stems from an upload file request with an empty string field name that could result in a denial of service...