VULN UPGRADE: minor: ws · patch: form-data [node_modules/undici]

[campaigner-prod]

Summary: Critical-severity security update — 2 packages upgraded (MINOR changes included)

Manifests changed:

• node_modules/undici (npm)

Updates

Package	From	To	Type	Vulnerabilities Fixed
form-data	4.0.0	4.0.5	patch	1 CRITICAL
ws	8.11.0	8.18.3	minor	1 HIGH

---

Security Details

🚨 Critical & High Severity (2 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
form-data	GHSA-fjxv-7rqg-78g4	CRITICAL	form-data uses unsafe random function in form-data for choosing boundary	4.0.0	2.5.4
ws	GHSA-3h5v-q93c-6h6q	HIGH	ws affected by a DoS when handling a request with many HTTP headers	8.11.0	5.2.4

---

Review Checklist

Enhanced review recommended for this update:

• Review changes for compatibility with your code
• Check release notes for breaking changes
• Run integration tests to verify service behavior
• Test in staging environment before production
• Monitor key metrics after deployment

---

Update Mode: Vulnerability Remediation (Critical/High)

🤖 Generated by DataDog Automated Dependency Management System