danfojs icon indicating copy to clipboard operation
danfojs copied to clipboard
verified publisher icon javascriptdata

critical vulnerability form-data

Open rayeeroded opened this issue 5 months ago • 0 comments

form-data is a dependency of danfojs audit shows

│ critical │ form-data uses unsafe random function in form-data for │ │ │ choosing boundary │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ form-data │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=2.5.4 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ danfojs-node │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ danfojs-node > request > form-data │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://www.npmjs.com/advisories/1106509 │

rayeeroded avatar Sep 03 '25 17:09 rayeeroded