2 matches found
@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes
Impact @fastify/middie v9.3.1 and earlier incorrectly re-prefixes middleware paths when propagating them to child plugin scopes. When a child plugin is registered with a prefix that overlaps with a parent-scoped middleware path, the middleware path is modified during inheritance and silently fail...
CVE-2025-21040
Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information...