CVE-2025-7783: form-data uses unsafe random function in form-data for choosing boundary

Dependabot has reported the following vulnerabilities: 

- https://github.com/advisories/GHSA-fjxv-7rqg-78g4
- https://github.com/advisories/GHSA-rm8p-cx58-hcvx

Both are dependencies of the same package `openapitools/openapi-generator-cli`

Csaf-validator-service is not affected by this vulnerability because :

Csag-validator-service uses this package only for development, but not for production.

This is shown in the following VEX:

[bsi-2025-0004.json](https://github.com/user-attachments/files/21411687/bsi-2025-0004.json)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2025-7783: form-data uses unsafe random function in form-data for choosing boundary #166

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2025-7783: form-data uses unsafe random function in form-data for choosing boundary #166

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions