11 matches found
EUVD-2022-1154
Malicious code in bioql PyPI...
CVE-2020-8136
Prototype pollution vulnerability in fastify-multipart 1.0.5 allows an attacker to crash fastify applications parsing multipart requests by sending a specially crafted request...
GHSA-QH73-QC3P-RJV2 Uncaught Exception in fastify-multipart
Impact This is a bypass of CVE-2020-8136 https://vulners.com/cve/CVE-2020-8136. By providing a name=constructor property it is still possible to crash the application. The original fix only checks for the key proto https://github.com/fastify/fastify-multipart/pull/116. All users are recommended t...
Uncaught Exception in fastify-multipart
Impact This is a bypass of CVE-2020-8136 https://vulners.com/cve/CVE-2020-8136. By providing a name=constructor property it is still possible to crash the application. The original fix only checks for the key proto https://github.com/fastify/fastify-multipart/pull/116. All users are recommended t...
CVE-2021-23597
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136 https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382...
Design/Logic Flaw
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136 https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382...
@wmfs/tymly-fastify-plugin (>=1.57.0 <=1.59.0), homebridge-config-ui-x (>=4.41.4 <=4.43.0-test.2) potentially affected by CVE-2020-8136 +1 more via fastify-multipart (>=5.2.1 <=5.3.0)
fastify-multipart NPM version =5.2.1, =1.57.0, =4.41.4, =4.43.0-test.2 Source cves: CVE-2020-8136, CVE-2021-23597 Source advisory: SNYK:JS-FASTIFYMULTIPART-2395480...
@keep2zero/light (>=0.0.1 <=0.0.10), @logique/fastify-adapter (>=0.0.1 <=0.0.3-alpha.4) +9 more potentially affected by CVE-2020-8136 via fastify-multipart (>=0.2.0 <=0.8.2)
fastify-multipart NPM version =0.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.10, =1.0.20, =4.1.0, =9.0.0, =0.1.0, =5.4.1, =5.4.10 - nestjs-test =5.4.1 Source cves: CVE-2020-8136 Source advisory: OSV:GHSA-P9F8-GQJF-M75J...
CVE-2020-8136
Prototype pollution vulnerability in fastify-multipart 1.0.5 allows an attacker to crash fastify applications parsing multipart requests by sending a specially crafted request...
CVE-2020-8136
Prototype pollution vulnerability in fastify-multipart 1.0.5 allows an attacker to crash fastify applications parsing multipart requests by sending a specially crafted request...
CVE-2020-8136
CVE-2020-8136 affects fastify-multipart via a prototype-pollution path in versions below 1.0.5, enabling an attacker to crash Fastify applications during multipart request parsing with a crafted input. Connected advisories (GHSA-QH73-QC3P-RJV2 and RH/CVE entries) confirm a bypass vector involving...