First published: Thu Jul 30 2020(Updated: )
A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.
Credit: support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fastify Fastify | =2.14.1 | |
Fastify Fastify | =3.0.0-rc4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.