How severe is CVE-2025-32442?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2025-32442?

This is classified as CWE-1287, which is a common weakness in software security.

CVE-2025-32442 - HIGH Severity | CVSS 7.5

Vulnerability Description

Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0 as well as version 4.9.0, applications that specify different validation strategies for different content types have a possibility to bypass validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. This was patched in v5.3.1, but the initial patch did not cover all problems. This has been fully patched in v5.3.2 and v4.9.1. A workaround involves not specifying individual content types in the schema.

Related Vulnerabilities

CVE-2021-44694

HIGH

CVSS:7.5(High)

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

CWE-12872021

CVE-2022-20783

HIGH

CVSS:7.5(High)

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a d...

CWE-12872022

CVE-2022-22228

HIGH

CVSS:7.5(High)

An Improper Validation of Specified Type of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an attacker to cause an RPD memory leak leading to a Denial of ...

CWE-12872022

CVE-2022-43723

HIGH

CVSS:7.5(High)

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter ...

CWE-12872022

CVE-2023-3900

HIGH

CVSS:7.5(High)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. An invalid 'start_sha' value on merge requests page...

CWE-12872023

CVE-2023-3904

HIGH

CVSS:7.5(High)

An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. It was possible t...

CWE-12872023