VYPR

npm package

connect-multiparty

pkg:npm/connect-multiparty

Vulnerabilities (1)

  • CVE-2022-29623May 16, 2022
    affected <= 2.2.0

    An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report.