CNNVD-202512-011 Information

CNNVD ID

CNNVD-202512-011

Related CVE

CVE-2025-66415

• CNNVD Published: 2025-12-01

Description (Chinese)

Fastify是Fastify开源的一个 Web 框架。 Fastify存在安全漏洞，该漏洞源于攻击者可构造恶意URL访问未授权路由，可能导致越权访问。

Description (English)

Fastify is an open-source Web framework for Fastify. Fastify had a security loophole, which stemmed from the fact that the attackers could construct malicious URLs to access unauthorized routes, which could lead to ultra vires access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

fastify

Published

2025-12-01

Last Modified

2026-02-24

References

https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-2q7r-29rg-6m5h https://github.com/fastify/fastify-reply-from/commit/4d9795cd5b57a36756d37b7f036eae369f69fa66 https://access.redhat.com/security/cve/cve-2025-66415

Patch

https://github.com/fastify/fastify-reply-from/releases