{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T01:19:40.606","vulnerabilities":[{"cve":{"id":"CVE-2025-47944","sourceIdentifier":"security-advisories@github.com","published":"2025-05-19T20:15:26.007","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.0 to receive a patch. No known workarounds are available."},{"lang":"es","value":"Multer es un middleware de Node.js para gestionar `multipart/form-data`. Una vulnerabilidad presente a partir de la versión 1.4.4-lts.1 y anteriores a la 2.0.0 permite a un atacante activar una denegación de servicio (DoS) mediante el envío de una solicitud de carga multiparte malformada. Esta solicitud provoca una excepción no controlada, lo que provoca un bloqueo del proceso. Los usuarios deben actualizar a la versión 2.0.0 para recibir un parche. No se conocen workarounds."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]}],"references":[{"url":"https://github.com/expressjs/multer/commit/2c8505f207d923dd8de13a9f93a4563e59933665","source":"security-advisories@github.com"},{"url":"https://github.com/expressjs/multer/issues/1176","source":"security-advisories@github.com"},{"url":"https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h","source":"security-advisories@github.com"}]}}]}