Lucene search
GoogleOSV:CVE-2021-23597HistoryFeb 11, 2022 - 5:15 p.m.
CVE-2021-23597
2022-02-1117:15:08
Google
osv.dev
7
cve-2021-23597
fastify-multipart
name=constructor property
application crash
cve-2020-8136 bypass
EPSS
0.002
Percentile
59.3%
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136 (https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382).
Related
osv
osv
Uncaught Exception in fastify-multipart
2022-02-11 18:57:53
CVE-2020-8136
2020-03-20 19:15:12
Uncontrolled Resource Consumption in fastify-multipart
2021-05-06 17:28:36
prion
prion
Design/Logic Flaw
2022-02-11 17:15:00
Cross site request forgery (csrf)
2020-03-20 19:15:00
cvelist
cvelist
CVE-2021-23597 Denial of Service (DoS)
2022-02-11 17:05:13
CVE-2020-8136
2020-03-20 18:26:21
github
github
Uncaught Exception in fastify-multipart
2022-02-11 18:57:53
Uncontrolled Resource Consumption in fastify-multipart
2021-05-06 17:28:36
cve
cve
CVE-2021-23597
2022-02-11 17:15:08
CVE-2020-8136
2020-03-20 19:15:12
nvd
nvd
CVE-2021-23597
2022-02-11 17:15:08
CVE-2020-8136
2020-03-20 19:15:12
veracode
veracode
Denial Of Service (DoS)
2022-02-15 03:35:13
Prototype Pollution
2020-03-02 07:11:01
hackerone
hackerone
Node.js third-party modules: Prototype pollution in multipart parsing
2020-02-25 17:51:30