Vulnerabilities > Fastify
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2023-51701 | HTTP Request Smuggling vulnerability in Fastify Reply-From fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. | 7.5 |
| 2023-07-04 | CVE-2023-31999 | Cross-Site Request Forgery (CSRF) vulnerability in Fastify Oauth2 All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. | 8.8 |
| 2023-04-21 | CVE-2023-29019 | Session Fixation vulnerability in Fastify Passport @fastify/passport is a port of passport authentication library for the Fastify ecosystem. | 8.1 |
| 2023-04-21 | CVE-2023-29020 | Cross-Site Request Forgery (CSRF) vulnerability in Fastify Passport @fastify/passport is a port of passport authentication library for the Fastify ecosystem. | 6.5 |
| 2023-04-20 | CVE-2023-27495 | Cross-Site Request Forgery (CSRF) vulnerability in Fastify Csrf-Protection @fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. | 6.5 |
| 2023-02-14 | CVE-2023-25576 | Allocation of Resources Without Limits or Throttling vulnerability in Fastify Fastify-Multipart @fastify/multipart is a Fastify plugin to parse the multipart content-type. | 7.5 |
| 2022-11-22 | CVE-2022-41919 | Cross-Site Request Forgery (CSRF) vulnerability in Fastify Fastify is a web framework with minimal overhead and plugin architecture. | 8.8 |
| 2022-11-08 | CVE-2022-39386 | Unspecified vulnerability in Fastify Websocket @fastify/websocket provides WebSocket support for Fastify. | 7.5 |
| 2022-10-10 | CVE-2022-39288 | Improper Check for Unusual or Exceptional Conditions vulnerability in Fastify fastify is a fast and low overhead web framework, for Node.js. | 7.5 |
| 2022-07-14 | CVE-2022-31142 | Information Exposure Through Discrepancy vulnerability in Fastify Bearer-Auth @fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. | 7.5 |