CVE-2021-21322 Information
Description
fastify-http-proxy is an npm package which is a Fastify plugin for proxying your HTTP requests to another server with hooks. By crafting a specific URL it is possible to escape the prefix of the proxied backend service. If the base URL of the proxied server is /pub/, a user expects that accessing /priv on the target service would not be possible. In affected versions it is possible. This is fixed in version 4.3.1.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
https://www.npmjs.com/package/fastify-http-proxy
https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
Attack Complexity: LOW
Privileges Required: NONE
User Interaction Required: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Base Score: 9.8
Base Severity: CRITICAL