A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hackerone.com/reports/903521 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2020-07-30T12:53:02
Updated: 2024-08-04T09:56:27.671Z
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8192
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-30T13:15:11.313
Modified: 2024-11-21T05:38:28.427
Link: CVE-2020-8192
Redhat
No data.