Prefix escape
CVE-2021-21322

10CRITICAL

Key Information:

Vendor

Fastify

Status
Fastify-http-proxy
Vendor
CVE Published:
2 March 2021

What is CVE-2021-21322?

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is /pub/, a user expect that accessing /priv on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1.

Affected Version(s)

fastify-http-proxy < 4.3.1

References

https://github.com/fastify/fastify-http-proxy/security/ad...
x_refsource_CONFIRM
https://www.npmjs.com/package/fastify-http-proxy
x_refsource_MISC
https://github.com/fastify/fastify-http-proxy/commit/02d9...
x_refsource_MISC

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.