EUVD-2021-1148

Malware in sbrugna...

EUVD-2022-1154

Malicious code in bioql PyPI...

CVE-2023-25576 @fastify/multipart vulnerable to DoS due to unlimited number of parts

@fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an...

@adminjs/fastify (>=1.0.0 <=2.0.0), @autotelic/apollo-server-fastify (>=4.0.0 <=4.1.1) +46 more potentially affected by CVE-2021-23597 via fastify-multipart (>=0.2.0 <=5.3.0)

fastify-multipart NPM version =0.2.0, =1.0.0, =4.0.0, =0.0.1, =1.0.0, =1.0.2, =1.1.7, =1.1.7, =0.0.1, =0.0.1-rc2, =0.0.3, =0.0.5, =0.0.0, =0.0.1, =1.0.0, =1.0.1 and more Source cves: CVE-2021-23597 Source advisory: OSV:GHSA-QH73-QC3P-RJV2...