Skip to content

Fix security issue in form-data via minor version upgrade from 2.5.2 to 2.5.4#194

Merged
janb87 merged 1 commit into
mainfrom
fix/aikido-security-update-packages-6011978-bQvf
Aug 4, 2025
Merged

Fix security issue in form-data via minor version upgrade from 2.5.2 to 2.5.4#194
janb87 merged 1 commit into
mainfrom
fix/aikido-security-update-packages-6011978-bQvf

Conversation

@aikido-autofix

Copy link
Copy Markdown
Contributor

This PR will resolve the following CVEs:

CVE ID Severity Description
CVE-2025-7783
MEDIUM
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.

This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

@janb87
janb87 enabled auto-merge (squash) August 4, 2025 07:39
@janb87
janb87 merged commit 19b7c15 into main Aug 4, 2025
7 checks passed
@janb87
janb87 deleted the fix/aikido-security-update-packages-6011978-bQvf branch August 4, 2025 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant