WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

v12.5.0

Latest
Latest

Choose a tag to compare

View all tags
@mcollina mcollina released this 01 Dec 22:03
· 2 commits to main since this release
v12.5.0
e740e22
This commit was signed with the committer’s verified signature.
mcollina Matteo Collina
GPG key ID: 818674489FBC127E
Verified
Learn about vigilant mode.

⚠️ Security Release ⚠️

By crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from.

Read more at GHSA-2q7r-29rg-6m5h. This is catalogued as CVE-2025-66415.

What's Changed

  • Add test for text/event-stream proxying with custom parser by @mcollina in #438

Full Changelog: v12.4.0...v12.5.0

Contributors

mcollina
Assets 2
Loading