Aszx87410

**Name of the Vulnerable Software and Affected Versions** multiparty versions prior to 4.3.0 **Description** A denial of service issue exists due to regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload containing a long header value can cause regex matching to take several seconds, which blocks the event loop. This affects any service that accepts multipart uploads using this library. **Recommendations** Upgrade to version 4.3.0 or higher. Limit upload sizes at the proxy or gateway layer to reduce the attack surface.