2 matches found
CVE-2026-42037
creationtimestamp| type| source ---|---|--- 2026-05-05 01:10:29+00:00| seen| https://gist.github.com/alon710/f60cd3417122b17fedb1824de3dd0f54 2026-05-07 12:01:41+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb67ljugz2o 2026-05-08 12:01:36+00:00| seen|...
UBUNTU-CVE-2026-42037
Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToStream.js interpolates value.type directly into the Content-Type header of each multipart part without sanitizing CRLF \r\n sequences. An attacker w...