swagger-express-middleware icon indicating copy to clipboard operation
swagger-express-middleware copied to clipboard
verified publisher icon APIDevTools

Patched dicer vulnerability

Open RyanFrodge opened this issue 3 years ago • 0 comments

multer exposed this package to a vulnerability through nested dependency originating from dicer.

multer and busboy have both been updated to remove dependency on dicer however the package with the vulnerability, dicer, is no longer maintained. In this version of multer busboy dependency is updated to remove subsequent dependency on dicer thereby fixing the vulnerability.

RyanFrodge avatar Sep 02 '22 19:09 RyanFrodge