645 matches found
CVE-2018-3711
CVE-2018-3711 affects the Fastify node module prior to 0.38.0. A vulnerability allows a denial-of-service by sending a request with Content-Type: application/json and a very large payload, potentially making the service unresponsive. The issue is triggered by processing large JSON payloads; no ex...
CVE-2018-3711
Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large payload...
Denial-of-Service (DoS)
The Fastify library is vulnerable to denial-of-service DoS attacks when attackers send a request with with Content-Type:application/json and a payload that surpasses the internal string length limit of 2^30-25 bytes. Upon receipt, the process will crash due to an uncaughtException rendering it...
Fastify denial-of-service vulnerability with large JSON payloads
Overview Affected versions of fastify are vulnerable to a denial of service when processing a request with Content-Type set to application/json and a very large payload. Recommendation Update to version 0.38.0 or later. References - Commit fabd2a0 - HackerOne Report 303632 - GitHub Advisory...
Node.js third-party modules: Fastify denial-of-service vulnerability with large JSON payloads
Module: Fastify - https://www.npmjs.com/package/fastify Affected versions: =0.37.0 all version before 0.38.0 Summary: A denial-of-service attack can be performed against servers running Fastify by sending a request with "Content-Type: application/json" and a very large payload. Description: Fasti...