13 matches found
CVE-2026-25224
A flaw was found in Fastify. A remote client can exploit this denial-of-service vulnerability by sending a slow or non-reading request when the application returns a ReadableStream or Response with a Web Stream body via reply.send. This can lead to unbounded buffering, exhausting server memory. T...
CVE-2026-25224
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream or Response with a Web Stream body via...
CVE-2026-25224 Fastify Vulnerable to DoS via Unbounded Memory Allocation in sendWebStream
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream or Response with a Web Stream body via...
CVE-2026-25224
CVE-2026-25224 affects Fastify (Node.js). Before 5.7.3, a DoS can occur when a remote client sends a slow or non-reading request while the app returns a ReadableStream (or Web Stream) via reply.send(), causing unbounded buffering and possible memory exhaustion. Impact: server degradation or crash...
CVE-2026-25224
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream or Response with a Web Stream body via...
CVE-2026-25224 Fastify Vulnerable to DoS via Unbounded Memory Allocation in sendWebStream
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream or Response with a Web Stream body via...
MAL-2025-149904 Malicious code in 4meme-readable-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bf6d930ea2c0ad7b353677dfafdbe18356b2cb350a496f593dfd2a284b6ec3e The package 4meme-readable-stream was found to contain malicious code. Source: ghsa-malware...
Malicious code in 4meme-readable-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bf6d930ea2c0ad7b353677dfafdbe18356b2cb350a496f593dfd2a284b6ec3e The package 4meme-readable-stream was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-120001
Malicious code in 4meme-readable-stream npm...
SUSE CVE-2020-6820
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird 68.7.0, Firefox 74.0.1, and Firefox ESR 68.6.1...
Mozilla: Use-after-free when handling a ReadableStream
A flaw was found in Mozilla's Firefox. A race condition can occur when handling a ReadableStream causing a use-after-free memory issue. The highest threat from this vulnerability are to data confidentiality and integrity as well as system availability...
Mozilla: Use-after-free when handling a ReadableStream
A flaw was found in Mozilla's Firefox. A race condition can occur when handling a ReadableStream causing a use-after-free memory issue. The highest threat from this vulnerability are to data confidentiality and integrity as well as system availability...
Mozilla: Use-after-free when handling a ReadableStream
A flaw was found in Mozilla's Firefox. A race condition can occur when handling a ReadableStream causing a use-after-free memory issue. The highest threat from this vulnerability are to data confidentiality and integrity as well as system availability...