Debian/node-form-data — 3 CVEs

HIGH7.5CVE-2026-12143form-data: CRLF injection in form-data via unescaped multipart field names and filenames

from 0

—CVE-2025-7783form-data uses unsafe random function in form-data for choosing boundary

from 0, < 3.0.0-2+deb11u1

—CVE-2025-7783form-data uses unsafe random function in form-data for choosing boundary

from 0, < 3.0.0-2+deb11u1

pkg:Debian/node-form-data