Merge pull request #33 from github/RDIL-GHSA-mq6c-fh97-4gwv

advisory-database[bot] · web-flow · commit b72a5dc05915 · 2022-03-01T22:18:17.000Z
diff --git a/advisories/github-reviewed/2018/07/GHSA-mq6c-fh97-4gwv/GHSA-mq6c-fh97-4gwv.json b/advisories/github-reviewed/2018/07/GHSA-mq6c-fh97-4gwv/GHSA-mq6c-fh97-4gwv.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.2.0",
   "id": "GHSA-mq6c-fh97-4gwv",
-  "modified": "2020-08-31T18:27:57Z",
+  "modified": "2022-02-26T03:45:05Z",
   "published": "2018-07-18T21:20:34Z",
   "aliases": [
     "CVE-2018-3711"
   ],
-  "summary": "Fastify denial-of-service vulnerability with large JSON payloads in fastify",
-  "details": "Affected versions of `fastify` are vulnerable to a denial of service when processing a request with `Content-Type` set to `application/json` and a very large payload.\n\n\n## Recommendation\n\nUpdate to version 0.38.0 or later.",
+  "summary": "Denial of Service vulnerability with large JSON payloads in fastify",
+  "details": "Affected versions of `fastify` are vulnerable to a denial of service when processing a request with `Content-Type` set to `application/json` and a very large payload.\r\n\r\n\r\n## Recommendation\r\n\r\nUpdate to version 0.38.0 or later.",
   "severity": [
 
   ],
@@ -40,10 +40,6 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3711"
     },
-    {
-      "type": "WEB",
-      "url": "https://github.com/fastify/fastify/pull/627"
-    },
     {
       "type": "WEB",
       "url": "https://github.com/fastify/fastify/commit/fabd2a011f2ffbb877394abe699f549513ffbd76"
@@ -59,13 +55,17 @@
     {
       "type": "WEB",
       "url": "https://www.npmjs.com/advisories/564"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/fastify/fastify/pull/627"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-770"
     ],
-    "severity": "HIGH",
-    "github_reviewed": true
+    "severity": "high",
+    "github_reviewed": null
   }
 }
