Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Fastify Security Vulnerabilities

cve
cve

CVE-2018-3711

Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large payload.

7.5CVSS

7.3AI Score

0.001EPSS

2018-06-07 02:29 AM
31
cve
cve

CVE-2020-8192

A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.

6.5CVSS

6.2AI Score

0.001EPSS

2020-07-30 01:15 PM
21
cve
cve

CVE-2022-39288

fastify is a fast and low overhead web framework, for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header. An attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed in ...

7.5CVSS

7.3AI Score

0.002EPSS

2022-10-10 09:15 PM
32
4
cve
cve

CVE-2022-41919

Fastify is a web framework with minimal overhead and plugin architecture. The attacker can use the incorrect Content-Type to bypass the Pre-Flight checking of fetch. fetch() requests with Content-Type’s essence as "application/x-www-form-urlencoded", "multipart/form-data", or "text/plain", could po...

8.8CVSS

8.6AI Score

0.001EPSS

2022-11-22 08:15 PM
54
13