PRIOn knowledge base: PRION:CVE-2022-39288
History: Oct 10, 2022 - 9:15 p.m.

Design/Logic Flaw

2022-10-10 21:15:00
PRIOn knowledge base
www.prio-n.com
9
fastify framework
denial of service
vulnerability
fix
version 4.8.1
upgrade
content-type header
node.js

EPSS: 0.002 (Low), Percentile: 53.4%

fastify is a fast, low-overhead web framework for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header: an attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed in commit fbb07e8d and will be included in release version 4.8.1. Users are advised to upgrade. Users unable to upgrade may manually filter out HTTP content with malicious Content-Type headers.
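
One way to apply the filtering workaround when upgrading is not possible (an added example, not code from the advisory or from the fastify project). The advisory does not say which header values trigger the crash, so this assumes a syntactic allow-list that rejects any Content-Type that is not a well-formed RFC 7231 media type. The names checkContentType and filterRequest, the 256-character limit and the sample values are constructed for illustration.

```javascript
// Added example: allow-list filter for Content-Type header values.
// Assumption: the crashing values are not given on the page, so anything that is
// not a well-formed media type (RFC 7231: type "/" subtype *( ";" parameter )) is rejected.
const TOKEN = "[!#$%&'*+.^_`|~0-9A-Za-z-]+";
const QUOTED =
  '"(?:[\\t \\x21\\x23-\\x5B\\x5D-\\x7E\\x80-\\xFF]|\\\\[\\t \\x21-\\x7E\\x80-\\xFF])*"';
const MEDIA_TYPE = new RegExp(
  `^${TOKEN}/${TOKEN}(?:[ \\t]*;[ \\t]*${TOKEN}=(?:${TOKEN}|${QUOTED}))*[ \\t]*$`
);
const MAX_LENGTH = 256; // constructed limit; also bounds regex work per request

// Classify one header value as received from the HTTP parser.
function checkContentType(value) {
  if (value === undefined) return { ok: true, reason: 'absent' };
  if (typeof value !== 'string') return { ok: false, reason: 'not-a-string' };
  if (value.length > MAX_LENGTH) return { ok: false, reason: 'too-long' };
  if (!MEDIA_TYPE.test(value)) return { ok: false, reason: 'malformed' };
  return { ok: true, reason: 'well-formed' };
}

// Returns null to let the request through, or the error response to send instead.
function filterRequest(headers) {
  const verdict = checkContentType(headers['content-type']);
  return verdict.ok
    ? null
    : { statusCode: 400, error: `Content-Type rejected: ${verdict.reason}` };
}

// Constructed sample values (not taken from the advisory).
const SAMPLES = [
  'application/json',
  'application/json; charset=utf-8',
  'multipart/form-data; boundary="a b"',
  '',
  'no-slash',
  'text/plain; charset',
  'a/b; x="unterminated',
];
for (const value of SAMPLES) {
  console.log(JSON.stringify(value), '->', checkContentType(value).reason);
}
```

Call filterRequest wherever requests are screened before they reach the affected application, for example in a reverse proxy. The page does not confirm that a grammar check covers the crashing input, so this supplements the upgrade to 4.8.1 and does not replace it.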

CPE

| Name | Operator | Version |
|------|----------|---------|
| fastify | lt | 4.8.1 |
