@art-ws/fastify-http-server (>=2.0.1 <=2.0.23), @art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/di (>=2.0.1 <=2.0.27)

@art-ws/di NPM version =2.0.1, =2.0.1, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSDI-12744471...

Cross site request forgery (csrf)

fastify-csrf is an open-source plugin helps developers protect their Fastify server against CSRF attacks. Versions of fastify-csrf prior to 3.1.0 have a "double submit" mechanism using cookies with an application deployed across multiple subdomains, e.g. "heroku"-style platform as a service...