Skip to content

Releases: yahoo/express-busboy

v10.1.0

23 May 21:32
@redonkulus redonkulus
v10.1.0
db8378f
Compare
Choose a tag to compare
v10.1.0 Latest
Latest
  • feat: add an option to disable body parsing #41
Assets 2
Loading

v10.0.0

09 May 14:21
@redonkulus redonkulus
v10.0.0
ce9e5f0
Compare
Choose a tag to compare
v10.0.0
  • fix: use md5 hash for filename to avoid path traversal vulnerability #40
Assets 2
Loading

v9.0.0

23 May 20:48
@redonkulus redonkulus
v9.0.0
fbf3c15
Compare
Choose a tag to compare
v9.0.0
  • chore: upgrade to latest connect-busboy (#34) f5936f8
[email protected] > [email protected] > [email protected] > [email protected] -- [CVE-2022-24434](https://nvd.nist.gov/vuln/detail/CVE-2022-24434) This affects all versions of package dicer.
A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.

v8.0.2...v9.0.0

Assets 2
Loading

v8.0.2

30 Mar 03:03
@redonkulus redonkulus
v8.0.2
d92b46f
Compare
Choose a tag to compare
v8.0.2

v8.0.1...v8.0.2

Assets 2
Loading

v8.0.1

21 Mar 15:00
@redonkulus redonkulus
v8.0.1
3580683
Compare
Choose a tag to compare
v8.0.1
  • chore: upgrade mkdirp dependency (#29) 0ac7986
  • Merge pull request #27 from mattlljones/name-fix 6455b51

v7.0.1...v8.0.1

Assets 2
Loading