fastify-static@4.4.0 vulnerabilities
`fastify-static@4.7.0` has been deprecated. Please use `@fastify/static@5.0.0` instead.
-
latest version
4.7.0
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
2 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the fastify-static package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
fastify-static is a plugin for serving static files as fast as possible. Affected versions of this package are vulnerable to Open Redirect via a double slash followed by a domain. This may lead to a Denial-of-Service if the url contains invalid characters such as Note:
This only applies to Mozilla Firefox users, and if the application sets How to fix Open Redirect? Upgrade |
>=4.2.4 <4.4.1
|