fastify-multipart (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package fastify-multipart, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-8136 — CVSS 7.5 (high): Prototype pollution vulnerability in fastify-multipart < 1.0.5 allows an attacker to crash fastify applications parsing multipart requests…
CVE-2021-23597 — CVSS 7.5 (high): This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the…