Byte Open Security (ByteOS Network)
NVD Vulnerability Details: CVE-2026-3635
Status: Analyzed
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Published At: 23 Mar, 2026 | 14:16
Updated At: 16 Apr, 2026 | 17:46

Summary

When trustProxy is configured with a restrictive trust function (e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function), the request.protocol and request.host getters read the X-Forwarded-Proto and X-Forwarded-Host headers from any connection, including connections from untrusted IPs. This allows an attacker connecting directly to Fastify (bypassing the proxy) to spoof both the protocol and host seen by the application.

Affected Versions

fastify <= 5.8.2

Impact

Applications using request.protocol or request.host for security decisions (HTTPS enforcement, secure cookie flags, CSRF origin checks, URL construction, host-based routing) are affected when trustProxy is configured with a restrictive trust function. When trustProxy: true (trust everything), both host and protocol trust all forwarded headers; this is expected behavior. The vulnerability only manifests with restrictive trust configurations.
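As an added illustration (not Fastify's code and not part of this record), the Node.js snippet below contrasts the behaviour the summary describes with a trust-gated variant: a hypothetical resolver that consults X-Forwarded-Proto and X-Forwarded-Host only when the peer that opened the connection passes the configured trustProxy check. The trust resolver handles only the true, single-IP-string and custom-function shapes of trustProxy, and the request objects and addresses are constructed samples.

```javascript
// Added illustration, not Fastify's implementation: decide whether forwarded
// headers may be trusted based on the address that connected to the app.
// Constructed trust resolver covering three trustProxy shapes:
// true (trust everything), a single IP string, or a custom function(addr, hop).
function makeTrustFn(trustProxy) {
  if (trustProxy === true) return () => true;
  if (typeof trustProxy === 'function') return trustProxy;
  if (typeof trustProxy === 'string') return (addr) => addr === trustProxy;
  return () => false;
}

// Minimal stand-in for a request: peer address, TLS flag, lowercased headers.
function makeReq(remoteAddress, encrypted, headers) {
  return { remoteAddress, encrypted, headers };
}

// Shape of the defect described above: forwarded headers are honoured from
// any connection, so the configured trust function never gates them.
function resolveVulnerable(req) {
  return {
    protocol: req.headers['x-forwarded-proto'] || (req.encrypted ? 'https' : 'http'),
    host: req.headers['x-forwarded-host'] || req.headers.host,
  };
}

// Trust-gated shape: forwarded headers are used only when the connecting peer
// is trusted; otherwise the socket's own TLS state and Host header win.
function resolveHardened(req, trustProxy) {
  const trusted = makeTrustFn(trustProxy)(req.remoteAddress, 0);
  const protocol = (trusted && req.headers['x-forwarded-proto'])
    || (req.encrypted ? 'https' : 'http');
  const host = (trusted && req.headers['x-forwarded-host']) || req.headers.host;
  return { protocol, host };
}

// Constructed samples: trustProxy pins one proxy IP. One request reaches the
// app directly from an untrusted address, the other arrives via the proxy.
const TRUST = '10.0.0.1';
const direct = makeReq('203.0.113.5', false, {
  host: 'internal.example',
  'x-forwarded-proto': 'https',
  'x-forwarded-host': 'spoofed.example',
});
const viaProxy = makeReq('10.0.0.1', false, {
  host: 'internal.example',
  'x-forwarded-proto': 'https',
  'x-forwarded-host': 'app.example',
});
```

For the direct request, resolveVulnerable reports https and spoofed.example while resolveHardened reports http and internal.example; the proxied request resolves to https and app.example in both.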

CISA Catalog

Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics

Type: Secondary
Version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
CPE Matches

Vendor: fastify
Product: fastify
Versions: before 5.8.3 (exclusive)
CPE: cpe:2.3:a:fastify:fastify:*:*:*:*:*:node.js:*:*
Weaknesses

CWE ID: CWE-348
Type: Secondary
Source: ce714d77-add3-4f53-aff5-83d477b104bb
References

Hyperlink: https://cna.openjsf.org/security-advisories.html
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource: Third Party Advisory

Hyperlink: https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource: Vendor Advisory

Hyperlink: https://www.cve.org/CVERecord?id=CVE-2026-3635
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource: Third Party Advisory
Change History

0 changes found