Lucene search
Fastify-multipart Security Vulnerabilities
cve
@fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an.....
7.5CVSS
7.2AI Score
0.001EPSS
2023-02-14 04:15 PM
23
cve
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136...
7.5CVSS
7.4AI Score
0.002EPSS
2022-02-11 05:15 PM
56
cve
Prototype pollution vulnerability in fastify-multipart < 1.0.5 allows an attacker to crash fastify applications parsing multipart requests by sending a specially crafted...
7.5CVSS
7.2AI Score
0.002EPSS
2020-03-20 07:15 PM
104