VYPR

Fastify\/http Proxy

by Fastify

CVEs (2)

  • CVE-2026-33805HigApr 15, 2026
    risk 0.49cvss 8.6epss 0.00

    @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This allows attackers to retroactively strip proxy-added headers from upstream requests…

  • CVE-2021-21322Mar 2, 2021
    risk 0.00cvss epss 0.02

    fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user…