Lucene search
Veracode Vulnerability DatabaseVERACODE:22609HistoryMar 02, 2020 - 7:11 a.m.
Prototype Pollution
2020-03-0207:11:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.002
Percentile
52.4%
fastify-multipart is vulnerable to prototype pollution. It accepts parsing of multipart requests with __proto__ key as field, allowing an attacker to provide such malicious requests to lead to an application crash in a remote server.
Related
osv
osv
CVE-2020-8136
2020-03-20 19:15:12
Uncontrolled Resource Consumption in fastify-multipart
2021-05-06 17:28:36
CVE-2021-23597
2022-02-11 17:15:08
prion
prion
Cross site request forgery (csrf)
2020-03-20 19:15:00
Design/Logic Flaw
2022-02-11 17:15:00
hackerone
hackerone
Node.js third-party modules: Prototype pollution in multipart parsing
2020-02-25 17:51:30
cve
cve
CVE-2020-8136
2020-03-20 19:15:12
CVE-2021-23597
2022-02-11 17:15:08
cvelist
cvelist
CVE-2020-8136
2020-03-20 18:26:21
CVE-2021-23597 Denial of Service (DoS)
2022-02-11 17:05:13
nvd
nvd
CVE-2020-8136
2020-03-20 19:15:12
CVE-2021-23597
2022-02-11 17:15:08
github
github
Uncontrolled Resource Consumption in fastify-multipart
2021-05-06 17:28:36
Uncaught Exception in fastify-multipart
2022-02-11 18:57:53