
GHSA-2q7r-29rg-6m5h

Published: 02 Dec 2025
Source: github
GitHub: Reviewed
CVSS4: 6.9

Description

fastify-reply-from affected by bypass of reply forwarding

Summary

By crafting a malicious URL, an attacker could access routes that are not allowed, even though reply.from is only defined for specific routes in @fastify/reply-from.

Details

An attacker can bypass the route restriction defined through the @fastify/reply-from package by adding a .. path segment (which, with curl version 8.7.1, has to be sent encoded as %2e%2e).

Impact

Everyone using this package with the routes option to protect a third-party resource is affected.
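The encoded dot-segment bypass described under Details, as an added illustration that is not code from the advisory or from @fastify/reply-from and is not the project's actual 12.5.0 fix: a route guard that percent-decodes and resolves the request path before comparing it with an allow-list, shown beside the naive prefix check it replaces. The allow-list prefix /api/public/ and the names ALLOWED_PREFIXES, fullyDecode, normalizePath, naiveAllowed and isForwardable are constructed for this example.

```javascript
// Added example (not from the advisory or @fastify/reply-from): decide whether
// a request path may be forwarded upstream. All names below are constructed.

const ALLOWED_PREFIXES = ["/api/public/"]; // constructed allow-list

// Percent-decode until the string stops changing (bounded), so that
// "%2e%2e" and the double-encoded "%252e%252e" are both seen as "..".
function fullyDecode(path, maxRounds = 3) {
  let prev = path;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(prev);
    } catch (e) {
      return null; // malformed percent-encoding: refuse to forward
    }
    if (next === prev) return next;
    prev = next;
  }
  return null; // still changing after maxRounds: refuse to forward
}

// Collapse "." and ".." segments the way an upstream would resolve them,
// without letting ".." climb above "/".
function normalizePath(path) {
  const out = [];
  for (const seg of path.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

// Naive check: raw prefix comparison. It accepts "/api/public/%2e%2e/admin"
// because the encoded segment is never resolved before the comparison.
function naiveAllowed(rawPath) {
  return ALLOWED_PREFIXES.some((p) => rawPath.startsWith(p));
}

// Hardened check: strip the query, decode, resolve, then compare the result.
function isForwardable(rawPath) {
  const pathOnly = rawPath.split("?")[0];
  const decoded = fullyDecode(pathOnly);
  if (decoded === null) return false;
  const resolved = normalizePath(decoded);
  return ALLOWED_PREFIXES.some((p) => (resolved + "/").startsWith(p));
}
```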

Packages

Name: @fastify/reply-from (npm)
Affected versions: <= 12.4.0
Fixed version: 12.5.0

EPSS

Percentile: 18%
0.00059
Low

6.9 Medium

CVSS4

Weaknesses

CWE-441

Related vulnerabilities

CVSS3: 5.4
nvd
2 months ago

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.