Skip to content

Version 0.40.0

Compare
Choose a tag to compare
@Kludex Kludex released this 15 Oct 06:51
· 21 commits to master since this release
4ded4b7

This release fixes a Denial of service (DoS) via multipart/form-data requests.

You can view the full security advisory:
GHSA-f96h-pmfr-66vw

Fixed

  • Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data
    requests fd038f3.