CVE-2020-8192

Uncontrolled Resource Consumption in npm/fastify

Identifiers

CVE-2020-8192

Package Slug

npm/fastify

Vulnerability

Uncontrolled Resource Consumption

Description

A denial of service vulnerability exists in Fastify that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.

Affected Versions

All versions before 2.15.1

Solution

Upgrade to versions 2.15.1, 3.0.0 or above.

Last Modified

2020-08-07

source