Skip to content

Update dependency body-parser to v1.20.6#49

Open
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/body-parser-1.x-lockfile
Open

Update dependency body-parser to v1.20.6#49
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/body-parser-1.x-lockfile

Conversation

@mend-for-github-com

@mend-for-github-com mend-for-github-com Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
body-parser dependencies patch 1.20.41.20.6

By merging this PR, the issue #36 will be automatically resolved and closed:

Severity CVSS Score Vulnerability
Medium Medium 5.3 CVE-2026-8723
Low Low 3.7 CVE-2026-12590

Release Notes

expressjs/body-parser (body-parser)

v1.20.6

Compare Source

Important: Security

What's Changed

Full Changelog: expressjs/body-parser@1.20.5...1.20.6

v1.20.5

Compare Source

What's Changed

The reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (> 100) on qs@​6.14.2+. (#​716)

New Contributors

Special thanks to triager @​krzysdz for keeping this on our radar and effectively triaging the specific issue!

Full Changelog: expressjs/body-parser@1.20.4...1.20.5


  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com Bot added the security fix Security fix generated by Mend label Jun 15, 2026
@mend-for-github-com mend-for-github-com Bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 32770df to 9fc13f4 Compare June 25, 2026 09:27
@mend-for-github-com mend-for-github-com Bot changed the title Update dependency body-parser to v1.20.5 Update dependency body-parser to v1.20.6 Jul 12, 2026
@mend-for-github-com mend-for-github-com Bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 9fc13f4 to f127fce Compare July 12, 2026 15:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

security fix Security fix generated by Mend

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants