CVE-2024-31999 @fastify/secure-session: Reuse of destroyed secure session cookie
@fastify/secure-session creates a secure stateless cookie session for Fastify. At the end of request handling, it encrypts all data in the session with a secret key and attaches the ciphertext as the value of a cookie with the configured cookie name. After that, the session on the server side is...
@artgenio/core (>=0.6.3 <=0.7.1), @assert-server/core (>=1.0.0 <=1.0.2) +21 more potentially affected by CVE-2024-31999 via @fastify/secure-session (>=4.1.1 <=7.1.0)
@fastify/secure-session NPM version =4.1.1, =0.6.3, =1.0.0, =1.1.2, =1.0.0, =1.0.1, =0.1.1, =0.1.0, =0.7.0, =1.0.8, =0.5.1, =0.1.4, =0.0.1, =0.0.1, =1.0.0-1, =1.0.0-3 and more Source cves: CVE-2024-31999 Source advisory: OSV:GHSA-9WWP-Q7WQ-JX35...
Fastify security vulnerability
Fastify is an OpenJS Foundation open source web framework for Node.js. A security vulnerability exists in Fastify secure-session versions prior to 7.3.0 that allows an attacker to reuse a corrupted secure-session cookie...
GHSA-62JR-84GF-WMG4 Default swagger-ui configuration exposes all files in the module
Impact: The default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via HTTP routes served by the module. Patches: Update to v2.1.0. Workarounds: Use the baseDir option. References: HackerOne report...
Directory Traversal
fastify-swagger-ui is vulnerable to Directory Traversal. The vulnerability is caused by a default configuration issue in @fastify/swagger-ui. If the baseDir option is not set, the module exposes all files in its directory through the HTTP route it serves. This allows an attacker to gain...
CVE-2024-22207
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207 Default swagger-ui configuration exposes all files in the module
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting th...
CVE-2024-22207
CVE-2024-22207 affects the fastify-swagger-ui Fastify plugin. Before version 2.1.0, the default configuration of @fastify/swagger-ui without a baseDir exposes all files in the module directory via HTTP routes, enabling information disclosure. The issue is resolved in v2.1.0; as a workaround, conf...
PT-2024-19275 · Unknown · @Fastify/Swagger-Ui
Name of the Vulnerable Software and Affected Versions: fastify-swagger-ui versions prior to 2.1.0 Description: The default configuration of @fastify/swagger-ui without the baseDir option set leads to all files in the module's directory being exposed via HTTP routes served by the module. This issu...
Request Smuggling
fastify-reply-from is vulnerable to Request Smuggling. The vulnerability is due to the absence of unified Content-Type parsing: unlike most of Fastify, which uses fast-content-type-parse and trims the value after splitting, the plugin does not trim. This issue can be exploited by an attacker to bypass security checks,...
GHSA-V2V2-HPH8-Q5XP @fastify/reply-from JSON Content-Type parsing confusion
Impact: The main Fastify repository uses fast-content-type-parse to parse the request Content-Type, which trims the value after splitting. fastify-reply-from does not use this library to unify Content-Type parsing, so it does not trim. As a result, a reverse proxy server built with @fastify/reply-from could...
CVE-2023-51701
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body when passed a header Content-Type: application/json ; charset=utf-8. This can lead to bypass of security checks...
CVE-2023-51701
CVE-2023-51701 affects fastify-reply-from, a Fastify plugin. The vulnerability arises when the plugin misinterprets the request body due to a Content-Type handling discrepancy (Content-Type header like application/json ; charset=utf-8), allowing bypass of security checks. References in multiple s...