Highmcollina

**Name of the Vulnerable Software and Affected Versions** Fastify versions prior to 5.7.2 **Description** Fastify is a web framework for Node.js. A validation bypass exists where request body validation schemas specified by Content-Type can be circumvented. Appending a tab character (`t`) followed by arbitrary content to the Content-Type header allows attackers to bypass body validation while the server processes the body as the original content type. The affected API endpoint receives requests with a Content-Type header, and the vulnerable parameter is the Content-Type header itself. **Recommendations** Update to version 5.7.2 or later.