CVE-2023-51701

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with `@fastify/reply-from` could misinterpret the incoming body by passing an header `ContentType: application/json ; charset=utf-8`. This can lead to bypass of security checks. This vulnerability has been patched in '@fastify/reply-from` version 9.6.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:fastify:reply-from:*:*:*:*:*:node.js:*:*

History

21 Nov 2024, 08:38

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-08 14:15

Updated : 2024-11-21 08:38


NVD link : CVE-2023-51701

Mitre link : CVE-2023-51701

CVE.ORG link : CVE-2023-51701


JSON object : View

Products Affected

fastify

  • reply-from
CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')