Skip to content

Comments

fix(deps): update dependency @fastify/multipart to v8.3.1 [security]#879

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/npm-fastify-multipart-vulnerability
Open

fix(deps): update dependency @fastify/multipart to v8.3.1 [security]#879
renovate[bot] wants to merge 1 commit intomainfrom
renovate/npm-fastify-multipart-vulnerability

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 23, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@fastify/multipart 8.0.08.3.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2025-24033

Impact

The saveRequestFiles function does not delete the uploaded temporary files when user cancels the request.

Patches

Fixed in version 8.3.1 and 9.0.3

Workarounds

Do not use saveRequestFiles.

References

This was identified in https://github.com/fastify/fastify-multipart/issues/546 and fixed in https://github.com/fastify/fastify-multipart/pull/567.


Release Notes

fastify/fastify-multipart (@​fastify/multipart)

v8.3.1

Compare Source

What's Changed

Full Changelog: fastify/fastify-multipart@v8.3.0...v8.3.1

v8.3.0

Compare Source

What's Changed

Full Changelog: fastify/fastify-multipart@v8.2.0...v8.3.0

v8.2.0

Compare Source

What's Changed

Full Changelog: fastify/fastify-multipart@v8.1.0...v8.2.0

v8.1.0

Compare Source

What's Changed

New Contributors

Full Changelog: fastify/fastify-multipart@v8.0.0...v8.1.0


Configuration

📅 Schedule: Branch creation - "" in timezone Asia/Shanghai, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the renovate label Jan 23, 2025
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from 292b440 to ecad99a Compare August 10, 2025 13:57
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from ecad99a to 292f6d2 Compare August 19, 2025 18:51
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from 292f6d2 to 7606440 Compare December 31, 2025 15:16
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from 7606440 to 74bedc2 Compare January 19, 2026 16:36
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from 74bedc2 to 3b83421 Compare February 2, 2026 16:31
@renovate renovate bot force-pushed the renovate/npm-fastify-multipart-vulnerability branch from 3b83421 to 8a33e7d Compare February 12, 2026 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants