-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4261-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb July 31, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : node-form-data Version : 3.0.0-2+deb11u1 CVE ID : CVE-2025-7783 Debian Bug : 1109551 It was discovered that there was a potential HTTP Parameter Pollution (HPP) issue in node-form-data, a tool to create multipart/form-data streams module in Node.js applications. For Debian 11 bullseye, this problem has been fixed in version 3.0.0-2+deb11u1. We recommend that you upgrade your node-form-data packages. For the detailed security status of node-form-data please refer to its security tracker page at: https://security-tracker.debian.org/tracker/node-form-data Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmiL7cQACgkQHpU+J9Qx HliRDg//fOyJigseRtnFX9YfLr0yyhKy8tANvag+NXezI0AV69KNoKW1UjKpSCML 0uYzSjiVLmPsswhEZ0wOWJkmF3Bvw8zpWTBCIqU6Rj5ngdYiUsrbUrHuAoj7A1NI NuSc7ixNDe+OENwt59BgwcaAFwyKOPF3+IGXDib9AbBKcs8jA9AZf423e80yh+ZC OZwY27VgJP7uCkRFVVcoAnWedmf3OXiZYjf6Za7ISFzP919U7345Q9k6T/PTB01W dntpoiGwbVlZUWcQCVZ+zvAY2ng4S8cMUJqPAC77yiRdrbzUXuuCB+hzJa5spdSC W59Sm+n2Db6wrx1vkgRh1tqcVRtePnBKjXa9O2uZ0F5jvtm7TZNoowQK4QQ/+Agw uD3HideQO6Ly59WwNqxS4dyZtqFw5bEiCNb4LmJk5Sr5s9QAV2kqB4GGk3mos5Pn SRDoEf3jDPNpWK7wN6zCgTPENSxfZ+LPoubPFiSBynQxUy7X1btB3PTJvu7bnGYt C6VYifAvqJ4sUB6y3lDgDHMJ+eY40P+2KoZqtJlhCrbWK6VrHE/XxtfdrMrbFJFk 6lxXu24XcCcQhjcBxsoppAc97xVHDCqO1H4mxS7xoXmkZ4HbU8KQ7Q25EWMQ/zmR 0uiiq8VL5v3OvgOL5CJsnmFit0vxxgOUIXUL3LMqX2mRp7D42+w= =coei -----END PGP SIGNATURE-----
