VulnerableCode Package Details - pkg:npm/multer@2.0.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-1mcm-t5zu-skbu Aliases: CVE-2026-2359 GHSA-v52c-386h-88mc	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.	2.1.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t744-ytsg-dydy Aliases: CVE-2026-3520 GHSA-5528-5vmv-3xc2	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available.	2.1.1 Affected by 0 other vulnerabilities.
VCID-uytp-m7m5-kufp Aliases: CVE-2026-3304 GHSA-xf7r-hgr6-v32p	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.	2.1.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1mcm-t5zu-skbu
Aliases:
CVE-2026-2359
GHSA-v52c-386h-88mc

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

2.1.0
Affected by 1 other vulnerability.

VCID-t744-ytsg-dydy
Aliases:
CVE-2026-3520
GHSA-5528-5vmv-3xc2

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available.

2.1.1
Affected by 0 other vulnerabilities.

VCID-uytp-m7m5-kufp
Aliases:
CVE-2026-3304
GHSA-xf7r-hgr6-v32p

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

2.1.0
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-gq87-pjtd-wyg5		CVE-2025-7338 GHSA-fjgf-rc76-4x9p

Vulnerability

Summary

Aliases

VCID-gq87-pjtd-wyg5

CVE-2025-7338
GHSA-fjgf-rc76-4x9p

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T15:14:17.748771+00:00	GitLab Importer	Fixing	VCID-gq87-pjtd-wyg5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/multer/CVE-2025-7338.yml	38.6.0
2026-06-12T21:18:13.861850+00:00	GitLab Importer	Affected by	VCID-t744-ytsg-dydy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/multer/CVE-2026-3520.yml	38.6.0
2026-06-12T21:11:40.432688+00:00	GitLab Importer	Affected by	VCID-1mcm-t5zu-skbu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/multer/CVE-2026-2359.yml	38.6.0
2026-06-12T21:11:34.769807+00:00	GitLab Importer	Affected by	VCID-uytp-m7m5-kufp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/multer/CVE-2026-3304.yml	38.6.0
2026-06-12T07:54:48.391561+00:00	GithubOSV Importer	Fixing	VCID-gq87-pjtd-wyg5	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-fjgf-rc76-4x9p/GHSA-fjgf-rc76-4x9p.json	38.6.0