3 matches found
Authorization Bypass
fastify-reply-from is vulnerable to authorization bypass. An attacker is able to escape the prefix of the proxied backend service and access restricted service such as the parent of the base URL...
Prefix escape
Overview In fastify-http-proxy before version 4.3.1, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is /pub/, a user expect that accessing /priv on the target service would not be possible. Unfortunately, it is...
GHSA-QMW8-3V4G-GWJ4 Prefix escape
Impact By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is /pub/, a user expect that accessing /priv on the target service would not be possible. Unfortunately, it is. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N...