CVE-2023-51701 @fastify-reply-from JSON Content-Type parsing confusion

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body by passing an header ContentType: application/json ; charset=utf-8. This can lead to bypass of security checks...

CVE-2023-51701 @fastify-reply-from JSON Content-Type parsing confusion

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body by passing an header ContentType: application/json ; charset=utf-8. This can lead to bypass of security checks...

Fastify Environmental Vulnerabilities

Fastify is an open source web framework for Node.js from the OpenJS Foundation. A security vulnerability exists in Fastify fastify-reply-from versions prior to 9.6.0, which stems from the fact that passing body text via header using fastify/reply-from may be misinterpreted, leading to bypassing...

@gadgetinc/auth (>=0.1.0 <=0.4.0), clubeeo-core (>=0.6.0 <=0.6.12) +1 more potentially affected by CVE-2023-31999 +1 more via @fastify/oauth2 (>=5.1.0 <=6.1.0)

@fastify/oauth2 NPM version =5.1.0, =0.1.0, =0.6.0, =3.0.0-beta.0, =3.0.0-beta.31 Source cves: CVE-2023-31999, CVE-2023-35935 Source advisory: OSV:GHSA-G8X5-P9QC-CF95...

GHSA-G8X5-P9QC-CF95 @fastify/oauth2 vulnerable to Cross Site Request Forgery due to reused Oauth2 state

Impact All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and should be...

Cross-Site Request Forgery (CSRF)

fastify-oauth2, is vulnerable to Cross-Site Request Forgery. The vulnerability exists due to lack of randomness in the state parameter of index.js which allows an attacker to execute operations within the victim's session, leading to unauthorized access to user accounts...

Duplicate Advisory: @fastify/oauth2 Oauth2 state parameter reuse

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-g8x5-p9qc-cf95. This link is maintained to preserve external references. Original Description All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all...

CVE-2023-31999

All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and should be connected to...

Cross site request forgery (csrf)

All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and should be connected to...

CVE-2023-31999

CVE-2023-31999 affects all versions of @fastify/oauth2 due to a statically generated OAuth2 state parameter at startup, reused across requests for all users and sessions. This CSRF flaw could enable forged requests. The issue was addressed in v7.2.0, which switches to per-user state stored in a c...

CVE-2023-31999

All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and should be connected to...

Fastify 跨站请求伪造漏洞

Fastify is an OpenJS Foundation open source web framework for Node.js. A security vulnerability exists in Fastify oauth2 that stems from the use of statically generated state parameters in all user requests...

PT-2023-23563 · Unknown · @Fastify/Oauth2

Name of the Vulnerable Software and Affected Versions: @fastify/oauth2 versions prior to 7.2.0 Description: The issue arises from the statically generated state parameter used across all requests for all users, which should be unique per user to prevent Cross-Site-Request-Forgery attacks. The...

编号撤回

Fastify is an open source web framework for Node.js from the OpenJS Foundation. This CVE number has been withdrawn...

PT-2023-25393 · Unknown · @Fastify/Oauth2

Name of the Vulnerable Software and Affected Versions: @fastify/oauth2 versions prior to 7.2.0 Description: The issue is related to cross-site request forgery CSRF due to the use of a statically generated state parameter across all requests for all users. This parameter should be unique per user...

Cross-site Request Forgery (CSRF)

@fastify/passport is vulnerable to Cross-site Request Forgery CSRF. When a user logs in, the library doesn't remove the session object, keeping the csrf property in tact across unauthenticated and authorized sessions. CSRF tokens created prior to authentication are therefore still valid. Thus,...

Session Fixation

@fastify/passport is vulnerable to Session Fixation. The vulnerability exists because the user validations do not properly perform in the logIn and logOut functions of SecureSessionManager.ts, which allows an attacker to hijack the victim's session by tossing a valid sessionId cookie in the...

Cross-site Request Forgery (CSRF)

@fastify/csrf-protection is vulnerable to Cross-site Request Forgery CSRF. An attackers is able to bypass the CSRF protection mechanism by fixing a csrf cookie in the victim's browser and forging valid CSRF tokens that are valid for the victim's session...

CVE-2023-29020

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF Cross-Site Request Forger protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport in affected versions, can be bypassed by network and same-site attackers...

CVE-2023-29019

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using @fastify/passport in affected versions for user authentication, in combination with @fastify/session as the underlying session management mechanism, are vulnerable to session fixation...