Fastify Security Vulnerabilities

CVE-2024-31999

@fastify/secure-session creates a secure stateless cookie session for Fastify. At the end of the request handling, it will encrypt all data in the session with a secret key and attach the ciphertext as a cookie value with the defined cookie name. After that, the session on the server side is...

CVSS 7.4 | AI Score 7.4 | EPSS 0.0004 | Published 2024-04-10 10:15 PM
CVE-2024-22207

fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting...

CVSS 5.3 | AI Score 5.1 | EPSS 0.001 | Published 2024-01-15 04:15 PM
CVE-2023-51701

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body when it is sent with the header Content-Type: application/json ; charset=utf-8. This can lead to a bypass of security checks...

CVSS 7.5 | AI Score 7.4 | EPSS 0.0005 | Published 2024-01-08 02:15 PM
CVE-2023-31999

All versions of @fastify/oauth2 generated a single state parameter at startup time and reused it across all requests for all users. The purpose of the OAuth2 state parameter is to prevent Cross-Site Request Forgery attacks. As such, it should be unique per user and should be connected to...

CVSS 8.8 | AI Score 8.6 | EPSS 0.001 | Published 2023-07-04 05:15 PM
CVE-2023-29019

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using @fastify/passport in affected versions for user authentication, in combination with @fastify/session as the underlying session management mechanism, are vulnerable to session fixation...

CVSS 8.1 | AI Score 8 | EPSS 0.001 | Published 2023-04-21 11:15 PM
CVE-2023-29020

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF (Cross-Site Request Forgery) protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport in affected versions, can be bypassed by network and same-site attackers...

CVSS 6.5 | AI Score 6.5 | EPSS 0.001 | Published 2023-04-21 11:15 PM
CVE-2023-25576

@fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an...

CVSS 7.5 | AI Score 7.2 | EPSS 0.001 | Published 2023-02-14 04:15 PM
CVE-2022-41919

Fastify is a web framework with minimal overhead and plugin architecture. An attacker can use an incorrect Content-Type to bypass the pre-flight check of fetch. fetch() requests with a Content-Type essence of "application/x-www-form-urlencoded", "multipart/form-data", or "text/plain" could...

CVSS 8.8 | AI Score 8.6 | EPSS 0.001 | Published 2022-11-22 08:15 PM
CVE-2022-39386

@fastify/websocket provides WebSocket support for Fastify. Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not be patched. This has been patched in version 7.1.1...

CVSS 7.5 | AI Score 7.4 | EPSS 0.001 | Published 2022-11-08 10:15 PM
CVE-2022-39288

Fastify is a fast and low overhead web framework for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header. An attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed in...

CVSS 7.5 | AI Score 7.3 | EPSS 0.002 | Published 2022-10-10 09:15 PM
CVE-2022-31142

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750...

CVSS 7.5 | AI Score 7.4 | EPSS 0.001 | Published 2022-07-14 07:15 PM
CVE-2021-23597

This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136...

CVSS 7.5 | AI Score 7.3 | EPSS 0.002 | Published 2022-02-11 05:15 PM
CVE-2021-22964

A redirect vulnerability in the fastify-static module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e. A DoS vulnerability is possible...

CVSS 8.8 | AI Score 8.3 | EPSS 0.001 | Published 2021-10-14 03:15 PM
CVE-2021-22963

A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e. The issue shows up on all the fastify-static applications that set redirect:...

CVSS 6.1 | AI Score 6 | EPSS 0.002 | Published 2021-10-14 03:15 PM
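Both fastify-static advisories above (CVE-2021-22964 and CVE-2021-22963) concern the trailing-slash redirect being built from a request path that begins with a double slash, which browsers read as a host-relative URL, so the Location header sends the user off-site. The following is an added example, not fastify-static's code: a redirect-target builder that resolves the request path against a fixed origin and refuses anything that changes that origin or uses a backslash variant. The app.invalid origin is an assumption used only for parsing.

```javascript
// Added illustration, not fastify-static code. Node built-ins only.
// Assumed fixed origin, used only to parse the request path.
const BASE_ORIGIN = 'http://app.invalid';

// Build the Location value for a "directory without trailing slash"
// redirect, or return null if the path cannot be trusted as origin-relative.
function safeRedirectTarget(requestPath) {
  if (typeof requestPath !== 'string' || !requestPath.startsWith('/')) return null;
  // "//host" and "/\host" are read as host-relative by browsers; refuse them
  // up front rather than relying on the parser to catch every variant.
  if (/^\/[\/\\]/.test(requestPath) || requestPath.includes('\\')) return null;
  let url;
  try {
    url = new URL(requestPath, BASE_ORIGIN);
  } catch {
    return null;
  }
  // If the resolved origin moved, the "path" smuggled in a host or scheme.
  if (url.origin !== BASE_ORIGIN) return null;
  // The WHATWG parser has already collapsed "." and ".." segments, including
  // their %2e spellings, so what remains is a clean origin-relative path.
  const pathname = url.pathname.endsWith('/') ? url.pathname : url.pathname + '/';
  return pathname + url.search;
}
```

Returning only a path (never an absolute URL) for a same-site redirect removes the whole class of open-redirect bugs; the origin comparison is what catches the double-slash form, and the explicit regex covers browser-specific quirks such as Firefox treating the backslash form as a separator.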
CVE-2021-29624

fastify-csrf is an open-source plugin that helps developers protect their Fastify server against CSRF attacks. Versions of fastify-csrf prior to 3.1.0 have a "double submit" mechanism using cookies with an application deployed across multiple subdomains, e.g. "heroku"-style platform as a service...

CVSS 6.5 | AI Score 6.2 | EPSS 0.001 | Published 2021-05-19 10:15 PM
CVE-2021-21322

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is /pub/, a user expects that accessing...

CVSS 10 | AI Score 9.1 | EPSS 0.002 | Published 2021-03-02 04:15 AM
CVE-2021-21321

fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is...

CVSS 10 | AI Score 9.1 | EPSS 0.002 | Published 2021-03-02 04:15 AM
CVE-2020-28482

This affects the package fastify-csrf before 3.0.0. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: { path: '/', sameSite: true } 2. The CSRF token was available in the GET query...

CVSS 8.8 | AI Score 8.7 | EPSS 0.002 | Published 2021-01-19 03:15 PM
CVE-2020-8192

A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted...

CVSS 6.5 | AI Score 6.2 | EPSS 0.001 | Published 2020-07-30 01:15 PM
CVE-2020-8136

Prototype pollution vulnerability in fastify-multipart < 1.0.5 allows an attacker to crash fastify applications parsing multipart requests by sending a specially crafted...

CVSS 7.5 | AI Score 7.1 | EPSS 0.002 | Published 2020-03-20 07:15 PM
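Three of the multipart advisories above describe two parser habits: field names are used as keys of a plain object, so a name such as constructor or __proto__ collides with the prototype chain (CVE-2020-8136, and its bypass CVE-2021-23597 via name=constructor), and the number of parts is never bounded (CVE-2023-25576). The following is an added example, not @fastify/multipart's code: a collector with both habits beside one that uses a null-prototype object, rejects the reserved names outright and caps the part count. The { name, value } part shape and the default cap are assumptions.

```javascript
// Added illustration, not @fastify/multipart code. Parts are assumed to
// arrive as { name, value } objects already split out of the multipart body.

// Vulnerable collector: on a plain object, 'constructor', '__proto__',
// 'toString', ... already exist through the prototype before any part is
// seen, so the "seen before, append" branch calls .push on a function or
// object and the request handler throws.
function vulnerableCollect(parts) {
  const fields = {};
  for (const { name, value } of parts) {
    if (name in fields) fields[name].push(value);
    else fields[name] = [value];
  }
  return fields;
}

const RESERVED = new Set(['__proto__', 'constructor', 'prototype']);
const DEFAULT_MAX_PARTS = 1000;   // assumed cap

// Hardened collector: no prototype chain to collide with, reserved names
// rejected outright, and an upper bound on parts so a body cannot grow the
// field map without limit.
function safeCollect(parts, maxParts = DEFAULT_MAX_PARTS) {
  const fields = Object.create(null);
  let count = 0;
  for (const { name, value } of parts) {
    if (++count > maxParts) throw new Error('too many parts');
    if (typeof name !== 'string' || RESERVED.has(name)) throw new Error('invalid field name');
    if (Object.prototype.hasOwnProperty.call(fields, name)) fields[name].push(value);
    else fields[name] = [value];
  }
  return fields;
}
```

Both errors thrown by the hardened collector map naturally onto a 400 or 413 response; the point is that the caller decides, instead of an uncaught TypeError deciding for it. Limits on part count, field size and file size belong at the parser boundary for the same reason.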
CVE-2018-3711

Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large...

CVSS 7.5 | AI Score 7.3 | EPSS 0.001 | Published 2018-06-07 02:29 AM