H1-1025575 — Vulnetix

Try Vulnetix Request Demo

H1-1025575 PUBLISHED CVSS 5.900000095367432 MEDIUM

Default behavior of Fastifys versioned routes can be used for cache poisoning when Fastify is used in combination with a http cache / CDN

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

Dec 10, 2020 CVE Published
Dec 10, 2020 PoC Published

References

Default behavior of Fastifys versioned routes can be used for cache poisoning when Fastify is used in combination with a http cache / CDN advisory

Open in Interactive Console →