EPSS
Percentile
52.4%
fastify-multipart is vulnerable to prototype pollution. It accepts parsing of multipart requests with __proto__ key as field, allowing an attacker to provide such malicious requests to lead to an application crash in a remote server.
__proto__
github.com/advisories/GHSA-p9f8-gqjf-m75j
github.com/fastify/fastify-multipart/pull/116
hackerone.com/reports/804772