Moderate severityNVD Advisory· Published Jul 30, 2020· Updated Aug 4, 2024
CVE-2020-8192
CVE-2020-8192
Description
A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted schemas.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
fastifynpm | < 2.15.1 | 2.15.1 |
Affected products
2- Fastify/Fastifydescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-xw5p-hw6r-2j98ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-8192ghsaADVISORY
- github.com/fastify/fastify/commit/74c3157ca90c3ffed9e4434f63c2017471ec970eghsaWEB
- hackerone.com/reports/903521ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.