Find more live information in Aikido here: https://app.aikido.dev/queue?sidebarIssue=13475903&groupId=6189&sidebarIssueTask=934638&sidebarTab=tasks
Scope
This task includes issues in the following code repository:
- anshuman-blog-nextjs: package-lock.json
TLDR
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.
This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.
How to fix
We recommend updating from 4.0.0 to 4.0.4.
Find more live information in Aikido here: https://app.aikido.dev/queue?sidebarIssue=13475903&groupId=6189&sidebarIssueTask=934638&sidebarTab=tasks
Scope
This task includes issues in the following code repository:
TLDR
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.
This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.
How to fix
We recommend updating from 4.0.0 to 4.0.4.