fastify Fastify Vulnerabilities
Fastify Fastify vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Vulnerability in Fastify Applications Affecting Content-Type Validation
CVE-2026-33806FastifyFastify7.5HIGHSpoofing Vulnerability in Fastify Framework by Fastify Team
CVE-2026-3635FastifyFastify6.1MEDIUMFastify Malformed Content-Type Header Vulnerability - Fastify
CVE-2026-3419FastifyFastify5.3MEDIUMValidation Bypass Vulnerability in Fastify Web Framework for Node.js
CVE-2026-25223FastifyFastify7.5HIGHDenial-of-Service Vulnerability in Fastify Web Framework for Node.js
CVE-2026-25224FastifyFastify3.7LOWMiddleware Bypass in Fastify Plugin by Fastify
CVE-2026-22037FastifyFastify-express8.4HIGHUnauthenticated Route Access in Fastify Reply From Plugin
CVE-2025-66415FastifyFastify-reply-from6.9MEDIUMValidation Bypass in Fastify Web Framework Affecting Node.js Applications
CVE-2025-32442FastifyFastify7.5HIGHImproper Temporary File Management in Fastify Multipart Plugin
CVE-2025-24033FastifyFastify-multipart7.5HIGHFestify Secure Session Plugin Patches Issue Allowing Unlimited Session Renewal
CVE-2024-31999FastifyFastify-secure-session7.4HIGHDefault swagger-ui configuration exposes all files in the module
CVE-2024-22207FastifyFastify-swagger-uiEPSS 14%5.3MEDIUMSecurity Bypass in Fastify Plugin for HTTP Request Forwarding from Fastify
CVE-2023-51701FastifyFastify-reply-from5.3MEDIUMSession fixation in fastify-passport
CVE-2023-29019FastifyFastify-passport8.1HIGHCross site request forgery token fixation in fastify-passport
CVE-2023-29020FastifyFastify-passport6.5MEDIUM@fastify/multipart vulnerable to DoS due to unlimited number of parts
CVE-2023-25576FastifyFastify-multipart7.5HIGHFastify vulnerable to Cross-Site Request Forgery (CSRF) attack via incorrect content type
CVE-2022-41919FastifyFastify4.2MEDIUMfastify-websocket vulnerable to uncaught exception via crash on malformed packet
CVE-2022-39386FastifyFastify-websocket7.5HIGHDenial of service in Fastify via Content-Type header
CVE-2022-39288FastifyFastify7.5HIGHPotential Timing Attack Vector in @fastify/bearer-auth
CVE-2022-31142FastifyFastify-bearer-auth7.5HIGHDenial of Service (DoS)
CVE-2021-23597FastifyFastify-multipart7.5HIGHLack of protection against cookie tossing attacks in fastify-csrf
CVE-2021-29624FastifyFastify-csrf6.5MEDIUMPrefix escape
CVE-2021-21321FastifyFastify-reply-from10CRITICALPrefix escape
CVE-2021-21322FastifyFastify-http-proxy10CRITICALCross-site Request Forgery (CSRF)
CVE-2020-28482FastifyFastify-csrf5.9MEDIUMDenial of Service Vulnerability in Fastify by Fastify
CVE-2020-8192FastifyFastify6.5MEDIUM