Package impact
npm / @fastify/reply-from
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33805 | high | 8.6 | 8.6 | 2mo ago | @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This al… | |||
| CVE-2025-66415 | unknown | — | — | 6mo ago | fastify-reply-from affected by bypass of reply forwarding | |||
| CVE-2023-51701 | unknown | — | — | 2y ago | @fastify/reply-from JSON Content-Type parsing confusion |