GHSA-6v32-fjc9-9qf6High
Nest: Middleware Bypass on Fastify via Trailing Slash
🔗 CVE IDs covered (1)
📋 Description
Impact
An authentication bypass vulnerability exists in @nestjs/platform-fastify (confirmed on version 11.1.24, the latest available release at time of report). When middleware is registered through NestJS's MiddlewareConsumer.forRoutes() API on the Fastify adapter, an unauthenticated client can bypass the Nest middleware registered for that route by simply appending a trailing slash (/) to the request URL.
This bypass works on the default Fastify adapter configuration — no special router options need to be enabled. Applications using the standard CRUD route shape (GET /resource and GET /resource/:id) are affected when they protect those routes with MiddlewareConsumer.forRoutes() middleware.
Patches
Fixed in @nestjs/[email protected]
References
Kudos goes to @a-tt-om
🎯 Affected products1
- npm/@nestjs/platform-fastify:<= 11.1.23