Skip to content

Commit ba6346d

Browse files
BrentIOclaude
andcommitted
Upgrade ESPAsyncWebServer from v3.11.0 to v3.11.1
Patches CWE-190 DoS vulnerability via specially crafted multipart boundary parameter (ESP32Async/ESPAsyncWebServer#445). Directly applicable since the firmware accepts multipart POSTs for OTA and config restore endpoints. Closes #481 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 819618e commit ba6346d

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

libraries.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ libraries:
3131
version: "2.0.2"
3232
url: "https://github.com/arduino-libraries/Ethernet"
3333
- name: "ESPAsyncWebServer"
34-
version: "v3.11.0"
34+
version: "v3.11.1"
3535
url: "https://github.com/ESP32Async/ESPAsyncWebServer"
3636
- name: "BrentIO_esp32OTA"
3737
version: "2026.05.06"

0 commit comments

Comments
 (0)