ghsa-hpp2-2cr5-pf6g
Vulnerability from github
Published
2023-02-14 21:49
Modified
2023-02-14 21:49
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Denial of service due to unlimited number of parts
Details

Impact

  • The multipart body parser accepts an unlimited number of file parts.
  • The multipart body parser accepts an unlimited number of field parts.
  • The multipart body parser accepts an unlimited number of empty parts as field parts.

Patches

This is fixed in v7.4.1 (for Fastify v4.x) and v6.0.1 (for Fastify v3.x).

Workarounds

There are no known workaround.

References

Reported at https://hackerone.com/reports/1816195.

Show details on source website

To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@fastify/multipart"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@fastify/multipart"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-25576"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-14T21:49:55Z",
    "nvd_published_at": "2023-02-14T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\n* The multipart body parser accepts an unlimited number of file parts.\n* The multipart body parser accepts an unlimited number of field parts.\n* The multipart body parser accepts an unlimited number of empty parts as field\nparts.\n\n\n### Patches\n\nThis is fixed in v7.4.1 (for Fastify v4.x) and v6.0.1 (for Fastify v3.x).\n\n### Workarounds\n\nThere are no known workaround.  \n\n### References\n\nReported at https://hackerone.com/reports/1816195.",
  "id": "GHSA-hpp2-2cr5-pf6g",
  "modified": "2023-02-14T21:49:55Z",
  "published": "2023-02-14T21:49:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/fastify/fastify-multipart/security/advisories/GHSA-hpp2-2cr5-pf6g"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25576"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fastify/fastify-multipart/commit/85be81bedf5b29cfd9fe3efc30fb5a17173c1297"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1816195"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/fastify/fastify-multipart"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fastify/fastify-multipart/releases/tag/v6.0.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fastify/fastify-multipart/releases/tag/v7.4.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of service due to unlimited number of parts"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.