{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-3520", "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb", "state": "PUBLISHED", "assignerShortName": "openjs", "dateReserved": "2026-03-04T15:27:42.237Z", "datePublished": "2026-03-04T16:17:18.962Z", "dateUpdated": "2026-07-15T01:03:04.430Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb", "shortName": "openjs", "dateUpdated": "2026-03-04T16:17:18.962Z" }, "descriptions": [ { "lang": "en", "value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available." } ] } ], "affected": [ { "vendor": "expressjs", "product": "multer", "defaultStatus": "unaffected", "versions": [ { "versionType": "semver", "status": "affected", "version": "0", "lessThan": "2.1.1" } ], "packageURL": "pkg:npm/multer" } ], "references": [ { "url": "https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2026-3520" }, { "url": "https://github.com/expressjs/multer/commit/7e66481f8b2e6c54b982b34c152479e096ce2752" }, { "url": "https://cna.openjsf.org/security-advisories.html" } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Yuki Matsuhashi" }, { "lang": "en", "type": "remediation developer", "value": "Chris de Almeida" }, { "lang": "en", "type": "remediation reviewer", "value": "Ulises Gascón" } ], "title": "Multer vulnerable to Denial of Service via uncontrolled recursion", "metrics": [ { "format": "CVSS", "cvssV4_0": { "version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "baseScore": 8.7, "baseSeverity": "HIGH" }, "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "lang": "en", "description": "CWE-674: Uncontrolled Recursion", "type": "CWE" } ] } ], "x_generator": { "engine": "cve-kit 1.0.0" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-03-04T17:12:05.396070Z", "id": "CVE-2026-3520", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T17:12:25.815Z" } }, { "affected": [ { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:rhdh:1.8::el9" ], "defaultStatus": "affected", "packageName": "rhdh/rhdh-hub-rhel9", "product": "Red Hat Developer Hub 1.8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1774545605", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:rhdh:1.9::el9" ], "defaultStatus": "affected", "packageName": "rhdh/rhdh-hub-rhel9", "product": "Red Hat Developer Hub 1.9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1775140647", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:ansible_portal:2" ], "defaultStatus": "affected", "packageName": "ansible-automation-platform/automation-portal", "product": "Self-service automation portal 2", "vendor": "Red Hat" } ], "datePublic": "2026-03-04T16:17:18.962Z", "descriptions": [ { "lang": "en", "value": "A denial of service flaw was found in Multer, a Node.js middleware for handling `multipart/form-data`. A remote attacker can send specially crafted malformed requests which may induce a stack overflow. This can lead to a Denial of Service (DoS) making the service unavailable." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2026-3520" }, { "name": "RHBZ#2444584", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444584" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3520.json" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:6174" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:6802" } ], "solutions": [ { "lang": "en", "value": "RHSA-2026:6174: Red Hat Developer Hub 1.8" }, { "lang": "en", "value": "RHSA-2026:6802: Red Hat Developer Hub 1.9" } ], "timeline": [ { "lang": "en", "time": "2026-03-04T17:01:43.432Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-03-04T16:17:18.962Z", "value": "Made public." } ], "title": "multer: Multer: Denial of Service via malformed requests", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-07-15T01:03:04.430Z" } } ] } }