A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.
References
Link | Resource |
---|---|
https://hackerone.com/reports/903521 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-07-30 13:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-8192
Mitre link : CVE-2020-8192
CVE.ORG link : CVE-2020-8192
JSON object : View
Products Affected
fastify
- fastify
CWE
CWE-400
Uncontrolled Resource Consumption