A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hackerone.com/reports/903521 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2020-07-30T12:53:02
Updated: 2024-08-04T09:56:27.671Z
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8192
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-30T13:15:11.313
Modified: 2020-08-06T18:46:22.860
Link: CVE-2020-8192
Redhat
No data.